On Tue, Nov 17, 2015 at 09:51:32AM -0800, Eric Rescorla wrote:
> My proposal is that we:
>
> - List all the Standards Track cipher suites that are compatible with TLS
> 1.3 in Appendix A.
>
> - Mark all the cipher suites that are listed in Appendix A as "Recommended"
Where does that leave ciphersuites that are "Recommended" for TLS
1.2, but TLS 1.3? Or do none of the CBC block ciphers in TLS 1.2 qualify?
Suites like (please pardon the OpenSSL-specific naming):
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256
DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256
I'd have thought these would still qualify as recommended (for TLS
1.2). And then "not recommended" would cover more exotic/obsolete
codepoints.
--
Viktor.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
