> > It seems to me you have a choice of what sort of TLV encoding to use
> > at this point. Is there any good reason not do use the same sort of
> > TLV scheme that TLS uses today, so that at least as far as the TLV
> > framing protocol the two proposals would be the same?
>
> As far as I understand, TLS MACs then encrypts the data. (Apologies if
> I've misread RFC5246.) The best current practice is to encrypt then MAC
> the ciphertext. Since there's no need to be compatible, we might as
> well use the best practices as of 2015. See, e.g.:
> http://cseweb.ucsd.edu/~mihir/papers/oem.pdf
Well, ekr did say that TLS would be profiled for use in tcpinc. So
presumably rfc7366 would be in the profile of TLS for tcpinc.
-Tim Shepard
[email protected]
_______________________________________________
Tcpinc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tcpinc
