Also note that the current plan for TLS 1.3 is to get rid of NULL encryption entirely anyway ( http://tools.ietf.org/rfcdiff?url2=draft-ietf-tls-tls13-02.txt), apart from the initial TLS_NULL_WITH_NULL_NULL cipher suite, which exists only for formal reasons and can't be negotiated. (I don't know why TLS even has a code point allocated for it.) Nostalgia seems misplaced here.
In any case, these are supposed to be recommendations for secure use of TLS and DTLS. For insecure use, you're still free to do whatever you like. If protocol implementations meant for secure use don't make that easy, that's a feature and not a bug. Bodo
_______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
