I don't oppose any of the 4 given options, but I slightly prefer TLS 2.0, it
seems simple and clear.
In my opinion, the whole SSL vs TLS confusion needs better education to
confront, version numbers (even dates) alone might not be enough. Renaming
*SSL products to *TLS should help. Avoiding
On 23/11/16 19:13, Watson Ladd wrote:
> On Nov 23, 2016 10:22 AM, "Jeremy Harris" wrote:
>>
>> On 23/11/16 08:50, Yoav Nir wrote:
>>> As long as you run over a network that has a smallish MTU, you’re going
> to incur the packetization costs anyway, either in your code or in
> operating system code
> On 24 Nov 2016, at 20:50, Thomas Pornin wrote:
>
> Hello,
>
> I know that I am a bit late to the party, but I have a suggestion for
> the upcoming TLS 1.3.
>
> Context: I am interested in TLS support in constrained architectures,
> specifically those which have very little RAM. I recently pu
Hi Thomas,
your observations are in line with what we had noticed as well, see
Section 6 of
https://tools.ietf.org/html/draft-fossati-tls-iot-optimizations-00
Ciao
Hannes
On 11/24/2016 08:50 PM, Thomas Pornin wrote:
> Hello,
>
> I know that I am a bit late to the party, but I have a suggestion
RFC Errata System writes:
>The following errata report has been verified for RFC5288,
>"AES Galois Counter Mode (GCM) Cipher Suites for TLS".
I think the erratum needs an erratum. Firstly, nonce doesn't mean "number
used once". Secondly, nonce reuse doesn't just result in a failure of
integrit
