[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TLS] Status of IDEA and single-DES (ticket #64)

To: tls@xxxxxxxx
Subject: Re: [TLS] Status of IDEA and single-DES (ticket #64)
From: Hovav Shacham <hovav@xxxxxxxxx>
Date: Tue, 22 Jan 2008 01:02:46 -0800
Cc:
In-reply-to: <B356D8F434D20B40A8CEDAEC305A1F240525CB23@xxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
References: <B356D8F434D20B40A8CEDAEC305A1F240525CB23@xxxxxxxxxxxxxxxxxxxxxx>


On Jan 22, 2008, at 12:41 AM, <Pasi.Eronen@xxxxxxxxx> wrote:

(1) Remove all mentions of IDEA and single-DES from the TLS 1.2
main specification. Create a separate (1-page) document which lists
the cipher suite numbers, along with some kind of "not really that
good idea usually" advice.


(1) is my preference out of the two options here.

Cheers --
Hovav.


PS:

Several people have supported simple "MUST NOT";
others have argued that this is a policy decision, and should not
be hardcoded in the spec.

I happen to think that the TLS spec is exactly where policy that hassecurity implications should be hardcoded. Any other approach isinviting insecurity.



_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls

References:
- [TLS] Status of IDEA and single-DES (ticket #64)
  - From: Pasi.Eronen

Prev by Date: Re: [TLS] Status of IDEA and single-DES (ticket #64)
Previous by thread: Re: [TLS] Status of IDEA and single-DES (ticket #64)
Index(es):
- Date
- Thread