On 20/05/2019 15:23, Salz, Rich wrote: >> I don't see it that way. As I understand it this is a completely different > protocol to standard TLS. > > That's an interesting point, but ... they use the SSL "name."
Which isn't even an IETF name...the IETF call it TLS ;-) >> It is not intended to interoperate with it in any way. > Is that true? I didn't look closely at the protocol changes, but maybe > you're right. On the other hand, if so, then why keep the existing IETF > numbers? That was my understanding. But perhaps Paul Yang can confirm? >> As a completely different protocol they can use whatever codepoints they >> want to > use as they see fit - and there is no conflict with IETF specifications. > > If you are correct, then yes I agree. But that makes any OpenSSL integration > that much harder, doesn't it? Would the project take on the work of making > things like the apps and tests work? In particular, a new global flag saying > "tnssl" (or such), and failing to interop with existing TLS, checking the > modified cipher suites (and disallowing them for real TLS), etc. > > Yes, we would have to take care that the two really are separate. Matt