
Re: Comments on Mandatory Ciphers and a Proposal



> Specifying any mandatory-to-implement ciphersuite does not allow the
> designers of a higher-level protocol with stringent code space
> requirements to implement _only_ one or two ciphersuites whose
> implementation happens not to be mandated. As far as I understand the
> previous official response from the IESG and the more recent informal
> word from Jeff S., TLS-compliant applications could not specify a 
> different set of mandatory-to-implement ciphersuites unless they
> were to include all the base TLS mandatory-to-implement ciphersuites.

IESG hasn't discussed this specifically, but I don't think this is
true.  If a particular application needed to use different
ciphersuites, it could specify its own mandatory set rather than
reference the set in the TLS spec.

If an application uses TLS, the specification for that application
needs to specify which ciphersuites an implementation must support.
But a different application could choose a different set of
ciphersuites.  We don't expect an SMTP client to be able to talk to a POP
server.  Neither is there a requirement that an SMTP+TLS client be
able to talk to a POP+TLS server.

Keith