Re: [TLS] Status of IDEA and single-DES (ticket #64)

[Yoav Nir <ynir@xxxxxxxxxxxxxx>]

(1)

I think a few mandatory-to-implement ciphersuites are a good idea in  
the base spec. However, that spec should not replace IANA in becoming  
the repository for ciphersuites.  Better to skip any mention of them  
than to add cryptographical discussion there.

On Jan 22, 2008, at 10:41 AM, <Pasi.Eronen@xxxxxxxxx> <Pasi.Eronen@xxxxxxxxx 
> wrote:

<snip>
> I'd therefore like to propose two concrete alternatives for the
> WG to comment:
>
> (1) Remove all mentions of IDEA and single-DES from the TLS 1.2
> main specification. Create a separate (1-page) document which lists
> the cipher suite numbers, along with some kind of "not really that
> good idea usually" advice.
>
> The exact wording of this advice needs to be discussed, but it
> could include e.g. SHOULD NOT use, SHOULD NOT implement, SHOULD
> remove from existing implementations, and/or SHOULD NOT be enabled
> by default. This document would not be on Standards Track (in
> other words, either Informational or Historic).
>
> (2) Keep IDEA and single-DES in the TLS 1.2 main specification,
> but include a short advice along the lines described above.




_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls