> On 16 Mar 2017, at 21:01, kathleen.moriarty.i...@gmail.com wrote: > > > > Please excuse typos, sent from handheld device > >> On Mar 16, 2017, at 11:37 AM, Yoav Nir <ynir.i...@gmail.com> wrote: >> >> >>> On 16 Mar 2017, at 17:17, Eric Rescorla <e...@rtfm.com> wrote: >>> >>> Hi folks >>> >>> I note that we are proposing to uplift RFC 5289 to PS, despite the fact >>> that it >>> standardizes some CBC cipher suites, which the WG is looking to move away >>> from. I recognize that these are the only cipher suites you can use in TLS >>> 1.0 >>> and 1.1, but we also want people to move away from them. >>> >>> This problem is probably solvable by marking the registry as Not >>> Recommended, but I wondered if anyone had other thoughts on this topic? >>> >> >> 5289 applies to TLS 1.0, 1.1, and 1.2. It seems strange to uplift a bunch >> of ciphersuites for 1.2 just as we’re publishing TLS 1.3 which obsoletes >> 5246. > > TLS 1.2 will be in use for a while unless major problems are found, so it's > worthwhile IMO.
I understand that. I’m wondering what message we are trying to convey by publishing or uplifting a full standard for a now-obsolete protocol. The Internet works just fine on proposed standards (or even Internet Drafts) Yoav
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
