Hi Chris,

On 07/21/2014 09:06 PM, Chris Newman wrote:

I've read this draft. Overall, I support publication of this draft or a revised
version as a BCP.

Minor issues (not issues I consider blocking):

* I'd like a single list/table of TLS extensions that implementers/operators
need to consider seriously included. It's fine if it just includes references
to the RFC (or section of this BCP) where the detailed rules live. This makes
it easier to navigate through the RFCs.

Section 3.4:

o Implementations MUST NOT negotiate RC4 cipher suites

I'd prefer to have this statement added: "unless the only alternative would be
an unencrypted connection"

I fully agree.

[...]

standardized and deployed in the field, should resolve the current
vulnerabilities while providing significantly better functionality,
and will very likely obsolete this document.

I suggest deleting the last clause. No need to predict the future. I am also
unsure if the TLS WG wants the responsibility of replacing all the material in
this draft when TLS 1.3 is published.

Actually, IMHO this is exactly what the TLS WG needs to do... I see
where you're coming from, but I still think TLS 1.3 "will likely
obsolete this document" - so this is our warning to the reader.

Thanks,
Yaron

- Chris