Eric Rescorla <[email protected]> writes: > - ECDH_anon with P256 and Curve25519 > - AES_128_GCM; AES_256_GCM; ChaCha/Poly1305
This is a naive question, but could we get some guidance from the powers that be on what ciphers are and are not appropriate for an experimental TCPINC protocol document? Technically, Curve25519 and ChaCha/Poly1305 both seem like fine options. Tcpcrypt was even using Poly1305 in an earlier version (I can't remember if it ever made it into one of our drafts). We removed it from fear that this would cause standardization issues. It seems Curve25519 is still an internet draft with informational status, while RFC7539 is an informational RFC. Is it inappropriate for an experimental TCPINC protocol document to depend on informational RFCs? In order to ensure an apples-to-apples comparison between tcpcrypt and TCP-use-TLS, I'd like to suggest that we at least attempt to agree on one or two initial cipher suites for both protocols to support. David _______________________________________________ Tcpinc mailing list [email protected] https://www.ietf.org/mailman/listinfo/tcpinc
