On 09/02/2016 12:04 PM, Eric Rescorla wrote: > > > On Fri, Sep 2, 2016 at 8:25 AM, Dave Garrett <davemgarr...@gmail.com > <mailto:davemgarr...@gmail.com>> wrote: > > On Friday, September 02, 2016 07:32:06 am Eric Rescorla wrote: > > On Fri, Sep 2, 2016 at 3:42 AM, Ilari Liusvaara > <ilariliusva...@welho.com <mailto:ilariliusva...@welho.com>> wrote: > > > I also don't see why this should be in TLS 1.3 spec, instead of being > > > its own spec (I looked up how much process BS it would be to > get the > > > needed registrations: informative RFC would do). > > > > I also am not following why we need to do this now. The reason > we defined SHA-2 in > > a new RFC was because (a) SHA-1 was looking weak and (b) we had > to make significant > > changes to TLS to allow the use of SHA-2. This does not seem to > be that case. > > I don't think we strictly _need_ to do this now, however I think > it's a good idea given that we'll need to do it eventually > > > I'm not sure that that's true. >
Predicting future needs is not always reliable, yes. >From a release-engineering (standards-engineering?) perspective, I still don't see any reasons to add it now, and do see reasons to not add it now. -Ben
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls