I don't think a RFC deprecating them is a good idea: * TLS 1.3 is almost here and is already doing that * what browser still use 64-bit ciphers? Who lets his "old" browser open for 75 hours? * in other uses of TLS. It's not always obvious if there is a possible beast style attacks. And their implementation might really well not be vulnerable (due to limiting number of messages according to specs)
David _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
