Here is my suggestion for resolving the ciphersuite issue: We need to define a small set (preferably one, maybe two) of mandatory to implement ciphersuites for GPSK. The mandatory to implement ciphers should exercise the features of GPSK. This would suggest that it should be a block cipher based ciphersuite. It seems a reasonable choice is AES-CBC with AES-CMAC. This makes use of a single base algorithm using relatively simple modes of operation.
The HMAC-SHA256 ciphersuite should also be described, but is not mandatory to implement. Does this seem reasonable? Any objections? Thanks, Joe _______________________________________________ Emu mailing list Emu@ietf.org https://www1.ietf.org/mailman/listinfo/emu
