It seems that CCM_8 falls in the “limited applicability” bucket. However, there’s nothing wrong with IoT specs requiring these ciphers in their TLS profiles.
Cheers, Andrei From: TLS [mailto:tls-boun...@ietf.org] On Behalf Of Joseph Salowey Sent: Wednesday, October 4, 2017 11:42 AM To: Salz, Rich <rs...@akamai.com> Cc: <tls@ietf.org> <tls@ietf.org> Subject: Re: [TLS] Should CCM_8 CSs be Recommended? The current editor's copy of the draft has the following text about the recommended column: The instructions in this document add a recommended column to many of the TLS registries to indicate parameters that are generally recommended for implementations to support. Adding a recommended parameter to a registry or updating a parameter to recommended status requires standards action. Not all parameters defined in standards track documents need to be marked as recommended. If an item is marked as not recommended it does not necessarily mean that it is flawed, rather, it indicates that either the item has not been through the IETF consensus process or the item has limited applicability to specific cases. On Wed, Oct 4, 2017 at 4:58 AM, Salz, Rich <rs...@akamai.com<mailto:rs...@akamai.com>> wrote: ➢ We’re recommending that these five suites be dropped from the recommended list. Please let us know what you think. Does “recommended” mean for general use, in the public Internet? Or is it “I know it when I see it” kind of thing? Either way, I support un-recommending them _______________________________________________ TLS mailing list TLS@ietf.org<mailto:TLS@ietf.org> https://www.ietf.org/mailman/listinfo/tls<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Ftls&data=02%7C01%7CAndrei.Popov%40microsoft.com%7Cd45d59ecd00a42ed5d8c08d50b57a4ce%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636427393411700505&sdata=hHQFFOVxYxpz0uibh1EQjhzOZVlhIE5nW8cX5Uvd3Bo%3D&reserved=0>
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
