On 26/08/15 22:04, David Mazieres wrote:
> Stephen Farrell <[email protected]> writes:
>
>> Until the WG have selected between tcpcrypt and tcp-use-tls
>> I don't think it makes any sense for tcp-eno to delve into
>> ciphersuite or cryptographic algorithm details.
>
> Okay, but I just want to clarify one thing: We should separate TCP-ENO,
> the draft, from my (possibly ill-advised) ramblings on this mailing
> list, even though I'm an author of TCP-ENO.
>
> TCP-ENO provides negotiation in the abstract. That could be used to
> negotiate between TCPINC v1 and v2, or TLS v1.3 and v2.0, or someday
> TCPINC with and without large option/dedicate middlebox support, or
> anything else. ENO could also be used to negotiate between TCPINC with
> one cipher suite and TCPINC with another cipher suite, *if TCPINC itself
> does not negotiate cipher suites* (which means it's not TLS). We can
> debate whether or not the latter use of TCP-ENO is a good idea, but that
> probably won't be a particularly useful debate at this point.
>
> If the WG adopts TCP-ENO and TLS, I don't think anybody believes ENO
> should specify cipher suites. Rather, it should negotiate how to embed
> TLS into TCP (especially if TCPM does something we can take advantage
> of) or maybe what version of TLS to use (in the event that something
> about TCP-use-TLS could benefit from a significant rearchitecting to
> take advantage of TLS 2.0).

That all makes sense to me,

Thanks,
S.

>
> David
>
> _______________________________________________
> Tcpinc mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/tcpinc
