On Thu, 18 Jun 2020, Eric Rescorla wrote:
> The way that TLS has handled this is to have the registries have a column
> called Recommended and we just mark things Y or N. This is slightly
> different from RFC 2119 language.
> It's not that uncommon to have new stuff introduced with Recommended = N. In
> fact this is the likely outcome for the GOST cipher suites:
> https://datatracker.ietf.org/doc/draft-smyshlyaev-tls13-gost-suites/
I don't see anything like that mentioned in the IANA Considerations
section?
https://tools.ietf.org/html/draft-smyshlyaev-tls13-gost-suites-02#section-7
In fact, the table is specifically missing the Recommended column
required by the IANA Registry.
If we make a consistent decision regarding algorithm recommendations
IETF-wide, then I could agree with your approach. But I would like to avoid
different WGs doing slightly different things. I don't think DNSOP
(or TLS) should decide these things separately.
Perhaps SAAG could publish a generic guidance document on nation state
algorithms and their recommendations?
As a side note, in those Security Considerations I see:
    2. 0-RTT data SHOULD NOT be sent during TLS 1.3 connection. The
    reasons for this restriction are that the 0-RTT data is not forward
    secret and is not resistant to replay attacks
It seems that the SHOULD NOT is really a very hard MUST NOT.
As another side note, it would be nice to have a link to the IANA sections
updated in the IANA Considerations Section.
Paul
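The replay property quoted from the draft's Security Considerations is easy to see in a toy model. The following is an added example, not part of this message or of the GOST draft: the `EarlyData` message shape, the `ticket_id` field and the `EarlyDataServer` class are assumptions for illustration. A server that applies 0-RTT data without tracking which resumption ticket it arrived under will apply the same early data twice when the captured ClientHello plus early data is delivered again; a server that treats each ticket as single-use rejects the second copy.

```python
"""
Toy model of TLS 1.3 0-RTT replay handling (constructed example).

This is not a TLS implementation.  Early data is modelled as a
(ticket_id, payload) pair; the ticket identifies the PSK the client
resumes with, and the payload is the application data the client sends
before the handshake completes.
"""
from __future__ import annotations

from dataclasses import dataclass, field


@dataclass(frozen=True)
class EarlyData:
    ticket_id: bytes   # assumed: identifies the resumption ticket / PSK
    payload: bytes     # application data sent as 0-RTT


@dataclass
class EarlyDataServer:
    # When True, each ticket may carry early data at most once.
    single_use_tickets: bool
    seen_tickets: set[bytes] = field(default_factory=set)
    applied: list[bytes] = field(default_factory=list)

    def handle_early_data(self, msg: EarlyData) -> str:
        """Return 'accepted' or 'rejected-replay' for one 0-RTT delivery."""
        if self.single_use_tickets:
            if msg.ticket_id in self.seen_tickets:
                # Same ticket seen before: this is a replayed 0-RTT flight.
                return "rejected-replay"
            self.seen_tickets.add(msg.ticket_id)
        # Without the single-use check the payload is simply applied again.
        self.applied.append(msg.payload)
        return "accepted"


def replay_demo(single_use: bool) -> list[str]:
    """Deliver the identical early-data flight twice; return both outcomes."""
    server = EarlyDataServer(single_use_tickets=single_use)
    # Constructed sample: a non-idempotent request carried as 0-RTT data.
    msg = EarlyData(ticket_id=b"ticket-0001", payload=b"POST /transfer amount=100")
    return [server.handle_early_data(msg), server.handle_early_data(msg)]


if __name__ == "__main__":
    print("no single-use check:", replay_demo(single_use=False))
    print("single-use tickets: ", replay_demo(single_use=True))
```

The single-use check only helps if every server that can accept the ticket consults the same `seen_tickets` state; a cache that is local to one node still lets the same flight be accepted once per node. That operational difficulty is the reason the draft's advice is to not send 0-RTT at all rather than to rely on the server to detect replays.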
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop