Thank you for the clarifying text. I have added it on my local copy.

Yours,
Daniel

On Mon, May 22, 2017 at 1:35 PM, Benjamin Kaduk <ka...@mit.edu> wrote:

> Sorry for the slow reply.
>
> On Fri, May 19, 2017 at 12:58:07PM -0400, Daniel Migault wrote:
> > Thank you,
> >
> > Your comments have all been addressed. I have one remaining clarification.
> > In my text the SHOULD NOT was intended to the ECDHE_PSK in general, and not
> > only for the cipher suites of the draft. In your opinion do we clarify
> > this, and should we use something else than SHOULD NOT?
>
> It's somewhat awkward, as what we really want to do is Update RFC
> 5489 to add this prohibition there. But, that's more process to
> jump through and this document is already at a late stage, so I do
> not actually propose doing that. I would be okay saying
>
>     As such, all ECDHE_PSK ciphers, including those defined outside
>     this document, SHOULD NOT be negotiated in TLS versions prior to
>     1.2.
>
> to match up with the MUST NOT text we have for these new ciphers.
> (Taking into account Martin's text that the prohibition is on
> negotiating them, but offering them in a ClientHello that also
> offers the old version is okay.)
>
> -Ben

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
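
The distinction drawn in the thread above, between offering ECDHE_PSK suites and negotiating them, sketched as server-side suite selection. This is an added example, not text or code from the draft or from any TLS library. Assumptions: the function and constant names are hypothetical, version negotiation is reduced to the lower of the two maximum versions, the two GCM suites stand in for "these new ciphers", and the sample offers are constructed.

```python
TLS10, TLS11, TLS12 = (3, 1), (3, 2), (3, 3)  # ProtocolVersion as (major, minor)

# Assumed stand-ins for the draft's new suites, which carry the MUST NOT.
MUST_NOT_BEFORE_12 = {
    "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384",
}

# Constructed sample: a client that offers ECDHE_PSK next to a plain PSK suite.
CLIENT_SUITES = [
    "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA",   # RFC 5489 suite
    "TLS_PSK_WITH_AES_128_CBC_SHA",
]
SERVER_PREFS = list(CLIENT_SUITES)  # same order of preference on the server


class NoCommonSuite(Exception):
    """No mutually supported suite is permitted at the negotiated version."""


def allowed(suite, version, allow_legacy_exception=False):
    """May `suite` be negotiated at `version`?"""
    if version >= TLS12 or not suite.startswith("TLS_ECDHE_PSK_"):
        return True
    if suite in MUST_NOT_BEFORE_12:
        return False                  # MUST NOT: no override possible
    return allow_legacy_exception     # SHOULD NOT: refused unless overridden


def select(client_max, client_suites, server_max, server_prefs,
           allow_legacy_exception=False):
    """Pick (version, suite). Offered suites are never an error by themselves;
    the rule is applied only to what the server would actually select."""
    version = min(client_max, server_max)
    for suite in server_prefs:
        if suite in client_suites and allowed(suite, version,
                                              allow_legacy_exception):
            return version, suite
    raise NoCommonSuite(f"nothing permitted at version {version}")
```
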