> On 24 Feb 2017, at 14:07, Salz, Rich <rs...@akamai.com> wrote: > >> Assuming 256-bit AES-CCM suites are needed, I think the better place to put >> them is in the TLS 1.3 document. > > That's a really big assumption. ;) > > I think the burden is on folks to *prove* (yeah, I know) that additional > cipher suites are needed.
+1. I'm against adding CCM based suites to the TLS 1.3 spec. (I may be biased having worked on the OCB cipher-suite spec and patent exemptions for TLS - but for example; these were only aimed at TLS 1.2 at that time. I don't see why the IoT/embedded-world can't make use of ChaCha/Poly in future implementations?) Aaron
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
