Dave Garrett <davemgarr...@gmail.com> writes: > Do either of these obscure ciphers actually get used enough to > continue supporting in TLS 1.3+? (the AEAD versions, not the old > suites that are no longer supported) If the answer is no, can we > prohibit use of them in TLS 1.3+, or at least recommend against them?
Camellia appears to be used surprisingly often, at least I find several occurances of it in my STARTTLS SMTP logs (one instance in my last couple of days worth of logs is when talking to the email servers for the tax authorities of Sweden...). Still, I think its use is accidental and if we have AES+ChaCha20 and no Camellia in TLS1.3 we are better off. /Simon
signature.asc
Description: PGP signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls