On Friday, July 24, 2015 01:50:31 am Andrei Popov wrote:
> > I'm proposing renaming "insufficient_security" to
> > "unsupported_cipher_suites", which is explicitly what it's been for since
> > TLS 1.0.
>
> Not quite. Insufficient_security alert is defined as follows:
> " Returned instead of handshake_failure when a negotiation has
> failed specifically because the server requires ciphers more
> secure than those supported by the client. This message is always
> fatal."
>
> This is a very narrow and specific definition. The server says "I know all
> the cipher suites the client advertises, and consider them too weak". By
> contrast, unsupported_cipher_suites means something like "I don't have a
> cipher suite in common with the client". The latter can happen when the
> client's cipher suites are more secure than the server's.

Then if we wish to keep this as narrow as written, we can just have a separate
one for unsupported with no judgment on strength:

    insufficient_security(71),          // unchanged
    unsupported_cipher_suites(72),      // new
    unsupported_groups(73),             // new
    client_authentication_failure(74),  // new

e.g. RC4 gets insufficient_security & Camellia gets unsupported_cipher_suites

Sounds good to me, if we prefer this.

Dave
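
The distinction drawn in this message, sketched as a server-side decision function. This is an added example, not part of the original message or of any TLS implementation. The value 72 is only the number proposed in the thread, and the server policy (`ENABLED`, `KNOWN_WEAK`) and the function name are constructed for illustration, reading "insufficient_security" as narrowly as the quoted definition does.

```python
from enum import IntEnum


class Alert(IntEnum):
    INSUFFICIENT_SECURITY = 71      # existing alert, unchanged
    UNSUPPORTED_CIPHER_SUITES = 72  # proposed in this thread, not an assigned value


# Cipher suite code points from the IANA TLS registry.
RSA_RC4_128_MD5 = 0x0004
RSA_RC4_128_SHA = 0x0005
RSA_CAMELLIA_128_CBC_SHA = 0x0041
ECDHE_RSA_AES_128_GCM_SHA256 = 0xC02F
ECDHE_RSA_AES_256_GCM_SHA384 = 0xC030

# Signalling values sent inside the cipher suite list (renegotiation info,
# fallback). They are not negotiable suites and must not affect the verdict.
SCSVS = {0x00FF, 0x5600}

# Constructed server policy (assumption): suites the server will negotiate,
# in preference order, and suites it recognises but refuses as too weak.
ENABLED = [ECDHE_RSA_AES_256_GCM_SHA384, ECDHE_RSA_AES_128_GCM_SHA256]
KNOWN_WEAK = {RSA_RC4_128_MD5, RSA_RC4_128_SHA}


def select_suite_or_alert(offered):
    """Return ("suite", code) on success or ("alert", Alert) on failure."""
    real = [s for s in offered if s not in SCSVS]

    # Normal case: first server-preferred suite the client also offered.
    for suite in ENABLED:
        if suite in real:
            return ("suite", suite)

    # Narrow reading: the server recognises every offered suite and judges
    # all of them too weak. The `real and` guard stops an empty offer from
    # passing all() vacuously.
    if real and all(s in KNOWN_WEAK for s in real):
        return ("alert", Alert.INSUFFICIENT_SECURITY)

    # Otherwise there is simply no suite in common, with no judgment on
    # strength; the client's suites may even be stronger than the server's.
    return ("alert", Alert.UNSUPPORTED_CIPHER_SUITES)
```

A client offering RC4 together with Camellia gets 72 here, because the server cannot claim to know every advertised suite; a looser reading of the definition would change only the `all(...)` test.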
