Achim Gratz via devel <[email protected]>:
> The RFC says the client needs to tell the NTS-KE all supported ciphers.
> It doesn't say it must support different ciphers for different servers.
Yeah, that second part *really* didn't make any sense to me.
So tell me: can we conform by *discovering* the cipher set at startup time
and shipping that list to NTS-KE? Because if the RFCs don't for some
insane reason *forbid* that behavior, it's clearly the right thing.
--
<a href="http://www.catb.org/~esr/";>Eric S. Raymond</a>
My work is funded by the Internet Civil Engineering Institute: https://icei.org
Please visit their site and donate: the civilization you save might be your own.
_______________________________________________
devel mailing list
[email protected]
http://lists.ntpsec.org/mailman/listinfo/devel
