I have been selected as the General Area Review Team (Gen-ART) reviewer for this draft (for background on Gen-ART, please see http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html).
Please wait for direction from your document shepherd or AD before posting a new version of the draft. Document: draft-ietf-tls-des-idea-02.txt Reviewer: Vijay K. Gurbani Review Date: 11 Nov. 2008 IETF LC End Date: 17 Nov. 2008 IESG Telechat date: unknown Summary: This draft is ready for publication as an Informational. One question I had was that since the draft is deprecating DES and IDEA beyond TLS 1.2, why the normative strength of SHOULD NOT in S4.1 and S4.2 (versus MUST NOT)? Is that because existing products will not, in all probability, rip out code for DES and IDEA if already implemented? If so, does it make sense to say that new TLS implementations MUST NOT implement DES and IDEA but existing ones SHOULD consider removing these cipher suites for all the reasons given in S4.1 and S4.2? Thanks, - vijay -- Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent 1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60566 (USA) Email: [EMAIL PROTECTED],bell-labs.com,acm.org} WWW: http://www.alcatel-lucent.com/bell-labs _______________________________________________ Gen-art mailing list Gen-art@ietf.org https://www.ietf.org/mailman/listinfo/gen-art