The difference between what is defined in 1.3 and this document is the 256 bit CCM cipher suites. The document does not specify cipher suites for TLS 1.3.
Is it important for TLS 1.3 to have support for these cipher suites? If it is then we either need to add the cipher suites to this document or to TLS 1.3. At this point I would like to minimize the changes to 1.3, so I'm advocating that if the AES-256-CCM ciphers are necessary we update the current document instead of TLS 1.3. If the cipher suites are not important then we should remove them from the document. There is also confusion on what hash function to use with AES-256-CCM (it seems it should be SHA384). On Wed, Feb 22, 2017 at 9:11 AM, Ilari Liusvaara <ilariliusva...@welho.com> wrote: > On Wed, Feb 22, 2017 at 08:04:13AM +0000, Salz, Rich wrote: > > Why not just say > > The CCM cipher suites are not (currently) defined for TLS 1.3 > > > > And leave it at that. We're all quite proud of the fact, and > > deservedly so, that we only have three ciphers defined for TLS 1.3. > > Let's try to hold that position as long as possible. > > Well, AES-128-CCM with 8 and 16 byte tags does exist in editor's > copy (0x1304 and 0x1305). > > No AES-256-CCM tho. > > > -Ilari >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
