On Friday, April 01, 2016 03:54:51 am Nikos Mavrogiannopoulos wrote:
> On Wed, 2016-03-16 at 12:36 +0000, Peter Gutmann wrote:
> > After a number of, uh, gentle reminders from people who have been
> > waiting for this, I've finally got around to posting the TLS-LTS
> > draft I mentioned a while back. It's now available as:
> >
> > http://www.ietf.org/id/draft-gutmann-tls-lts-00.txt
>
> I liked the idea of an LTS profile for TLS 1.2, however I just realized
> that RFC7540 [0] blacklists (with no rationale) 3 out of the 4 LTS
> ciphersuites and I'm wondering how practically useful will be that
> profile.
>
> regards,
> Nikos
>
> [0]. https://tools.ietf.org/html/rfc7540#appendix-A

As no such TLS 1.2 LTS existed at the time of publication (which multiple people, including myself, said would have been better), some kind of sane cipher restrictions were needed to avoid perpetual use of obsolete crypto. The consensus was requiring TLS 1.2+ with only PFS+AEAD cipher suites, however at the last minute implementors started complaining about the requirements and it was reduced to a blacklist of non-compliant cipher suites instead of requiring them to just update their APIs to handle things properly.

Noted at the end of the section:
https://tools.ietf.org/html/rfc7540#page-94

Dave

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls