On Thursday 17 September 2015 03:27:22 Peter Gutmann wrote: > Viktor Dukhovni <ietf-d...@dukhovni.org> writes: > >Explicit profiles make some sense. They need not be defined by the > >TLS WG per-se, it might be enough for the TLS specification to > >reference an IANA profile registry, with the TLS-WG defining a > >"base" profile. Then other WGs (including the[ TLS WG) can define > >additional profiles. > That would be good, so the base spec could contain text like "This > document describes every possible option that the protocol can > support. It is not expected that TLS applications implement every > one of these options, since many will be inappropriate or unnecessary > in many situations. Profiles for specific situations like web > browsing, secure tunnels, IoT, embedded devices, and SCADA use can be > found at ...".
You can count on one hand the Mandatory-to-Implement ciphersuites. It's quite obvious that if you don't support anything but non-export RSA key exchange, you don't need to be able to parse Server Key Exchange messages... -- Regards, Hubert Kario Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls