On Mon, 2016-11-07 at 22:09 -0500, Daniel Migault wrote:
> Hi, 
> 
> Please find the text I propose. Let me know if you have any comment
> regarding the proposed text. Unless I receive comment on it, the text
> will be published as soon as draft submission is possible.
> 
> Yours, 
> Daniel
> 
>    The cipher suites defined in this document are based on the AES-GCM
>    and AES-CCM Authenticated Encryption with Associated Data (AEAD)
>    algorithms AEAD_AES_128_GCM, AEAD_AES_256_GCM, AEAD_AES_128_CCM, and
>    AEAD_AES_256_CCM defined in [RFC5116], AEAD_AES_128_CCM_8 and
>    AEAD_AES_256_CCM_8 defined in [RFC6655].
> 
>    For the AES-128 cipher suites, the TLS Pseudorandom Function (PRF)
>    with SHA-256 as the hash function SHALL be used and Clients and
>    Servers MUST NOT negotiate curves of less than 255 bits.

Sorry for not getting back into previous discussions. My comment as
before would be to remove the text "Clients and Servers MUST NOT
negotiate curves of less than 255 bits."

I find that unrelated to the purpose of the text, which is to define code
points for certain ciphersuites, and no other code points for TLS set
such restrictions (DH bits, or curves). Alternatively, if with this
document you want to create a profile of TLS (e.g., like the SuiteB RFC
does), which sets options which are more than just ciphersuites, then
just be clear about it.

That is, say this document creates a profile of TLS named XXX which if
used, the clients and servers which conform to it must negotiate the
ciphersuites defined above and must not negotiate curves of less than
255 bits. 

regards,
Nikos

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
