On 2/17/15 2:29 PM, Kathleen Moriarty wrote:
On Tue, Feb 17, 2015 at 4:11 PM, Pete Resnick <[email protected]> wrote:
On 2/17/15 2:07 PM, Peter Saint-Andre - &yet wrote:
On 2/17/15 12:49 PM, Alissa Cooper wrote:

So my question is whether we should consider this document effectively silent about the choice of cipher suites to be used when we standardize a new application protocol in the IETF, or an update to an existing protocol.

If an application protocol wishes to follow the recommendations here, someone needs to write a document that says so.

What about new protocols?

HTTPbis included a blacklist of the registered TLS cipher suites that should not be used, with one that is on the registered list as MTI. Is something like that needed more generally or is cleanup of the TLS registry of recommendations needed?
It might be, but that's probably a job for the TLS WG. :-)
https://datatracker.ietf.org/doc/draft-ietf-httpbis-http2
Section 9.2 and appendix A

TLS registry:
http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml

The recommended list in this draft, section 4.2 includes cipher suites that were all registered for use with TLS 1.2 as far as I can tell.
Correct! :-)

Peter

--
Peter Saint-Andre
https://andyet.com/

_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
