> On 30 Jan 2020, at 22:08, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote:
>
> On 30/01/2020 17:57, Yoav Nir wrote:
>> Hi folks.
>>
>> In case you’re not following GitHub, there was an issue with a brief
>> discussion ([1]) and a resulting pull request ([2]).
>>
>> If there are no objections by late next week, I will merge the PR.
>
> Allowing 2040 flags seems a bit mad and a possible
> foot-gun - with a specification required rule that
> could end up worse than the ciphersuites registry!
>
> Given it's possible to define a tls_flags2 extension
> if this one runs out, I'd argue to constrain this to a
> much smaller number of flags - 63 should be plenty
> I'd say.
>
> That said, it's not that huge a deal since I have
> a hard time seeing implementers even trying to code
> for 2040 flags and specification required is the
> same rule as for extensions.
>
> Cheers,
> S.

The format allows 2040 bits. I think we should never define that many bits. I think we should never define even 60 bits. But I also think it should be left up to the TLS chairs and the IANA experts to serve as gatekeepers rather than tying their hands in the specification.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls