On Friday, 2 September 2016 12:06:55 CEST Benjamin Kaduk wrote: > On 09/02/2016 12:04 PM, Eric Rescorla wrote: > > On Fri, Sep 2, 2016 at 8:25 AM, Dave Garrett <[email protected] > > > > <mailto:[email protected]>> wrote: > > On Friday, September 02, 2016 07:32:06 am Eric Rescorla wrote: > > > On Fri, Sep 2, 2016 at 3:42 AM, Ilari Liusvaara > > > > <[email protected] <mailto:[email protected]>> wrote: > > > > I also don't see why this should be in TLS 1.3 spec, instead of > > > > being > > > > its own spec (I looked up how much process BS it would be to > > > > get the > > > > > > needed registrations: informative RFC would do). > > > > > > I also am not following why we need to do this now. The reason > > > > we defined SHA-2 in > > > > > a new RFC was because (a) SHA-1 was looking weak and (b) we had > > > > to make significant > > > > > changes to TLS to allow the use of SHA-2. This does not seem to > > > > be that case. > > > > I don't think we strictly _need_ to do this now, however I think > > it's a good idea given that we'll need to do it eventually > > > > I'm not sure that that's true. > > Predicting future needs is not always reliable, yes. > > >From a release-engineering (standards-engineering?) perspective, I still > > don't see any reasons to add it now, and do see reasons to not add it now.
what would be the reasons not to add it now? -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
