On Mon, Aug 3, 2015 at 12:08 PM, John-Mark Gurney <j...@funkthat.com> wrote:
> Eric Rescorla wrote this message on Mon, Aug 03, 2015 at 04:16 -0700: > > On Sun, Aug 2, 2015 at 11:24 PM, John-Mark Gurney <j...@funkthat.com> > wrote: > > > > > Eric Rescorla wrote this message on Sun, Aug 02, 2015 at 11:52 -0700: > > > > things so it's not obvious to others. In any case, what you'd want is > > > > something > > > > like: > > > > > > > > - ECDH_anon with P256 and Curve25519 > > > > - AES_128_GCM; AES_256_GCM; ChaCha/Poly1305 > > > > - SHA256 for the PRF > > > > - Session hash > > > > - No renegotiation [Banned in TLS 1.3] > > > > - No compression [Banned in TLS 1.3] > > > > - RFC5705 tickets [or PSK in 1.3] > > > > > > Is this what you are proposing for the profile? or is this just, oh > > > one profile might be the above, but I'm not proposing anything? > > > > This is what I presently intend to put in the next version of the draft, > > though I'm open to arguments that some aspect of it is wrong. > > Does that count as proposing? > > Yes, I agree w/ the above proposal, though it might be nice to include > a comparable ECDH curve of equivalent security strength to go w/ > AES-256.. > > People seem to think that P-384 or Goldilocs-448 is the curve of choice for that application. -Ekr > But otherwise the proposal looks fine.. > > -- > John-Mark Gurney Voice: +1 415 225 5579 > > "All that I will do, has been done, All that I have, has not." >
_______________________________________________ Tcpinc mailing list Tcpinc@ietf.org https://www.ietf.org/mailman/listinfo/tcpinc