Re: Comments on Mandatory Ciphers and a Proposal
someone (attribution previously lost) wrote:
>>> Which is exactly the problem. If it's mandatory to implement, it
>>> gives protocol designers no flexibility as to the encryption choices
>>> that are right for their applications.
Keith Moore writes:
> I don't think so. The "MUST implement" ciphersuites are defaults, to
> be used with most protocols. That doesn't mean that they're deemed
> adequate for all purposes, and a particular application that uses TLS
> might want to specify some other mandatory set of ciphersuites *for
> use with that application*.
Specifying any mandatory-to-implement ciphersuite does not allow the
designers of a higher-level protocol with stringent code space
requirements to implement _only_ one or two ciphersuites whose
implementation happens not to be mandated. As far as I understand the
previous official response from the IESG and the more recent informal
word from Jeff S., TLS-compliant applications could not specify a
different set of mandatory-to-implement ciphersuites unless they
were to include all the base TLS mandatory-to-implement ciphersuites.
-Lewis