Hi,

I think RFC8447bis needs to say something about at least DTLS 1.3 Record Number 
Encryption.

The two AEGIS algorithms recently got code points and DTLS-OK = Y even though 
there was no specification of how to do DTLS 1.3 Record Number Encryption:
https://datatracker.ietf.org/doc/draft-irtf-cfrg-aegis-aead/
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml

Both DTLS 1.3 Record Number Encryption and QUIC Header Protection will be added 
in the next version of the AEGIS draft. It has already been merged into main:
https://github.com/jedisct1/draft-aegis-aead

Given that the TLS WG is discussing deprecating (D)TLS 1.2, I don’t think you 
should get DTLS-OK = Y unless you specify how to do DTLS 1.3 Record Number 
Encryption.

At a minimum, I think people should be reminded to specify QUIC and DTLS 1.3 
Header Protection. I also think it needs to be clear that you don’t get DTLS-OK 
= Y unless you specify how to do DTLS 1.3 Record Number Encryption.

My preference would be a new column, “Protocols”, specifying which protocols 
the cipher suite can be used in. After the update, the value for the AEGIS 
algorithms in that column would be “TLS 1.3, DTLS 1.3, QUIC”.

Cheers,
John
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
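Editor's added example (not part of the post above, and not code from the AEGIS draft): what "specifying DTLS 1.3 Record Number Encryption" for a cipher suite actually entails. RFC 9147 Section 4.2.3 derives a mask from a 16-byte sample of the record ciphertext using a primitive that is separate from the AEAD interface (AES-ECB for AES suites, the ChaCha20 block function for ChaCha20 suites), then XORs it over the 1- or 2-byte sequence number field of the unified header, keyed with sn_key = HKDF-Expand-Label(secret, "sn", "", key_length). A new AEAD such as AEGIS gets no such mask function for free, which is the gap the post is pointing at. The code below implements the ChaCha20 variant with a stand-alone RFC 8439 block function, plus the RFC 9147 Section 4.2.2 reconstruction of the full sequence number on the receiver. Assumptions: the 4-byte counter taken from the sample is read little-endian (the way RFC 8439 stores its counter word and QUIC reads its sample); headers carrying a Connection ID are out of scope; sn_key and the sample bytes in the usage section are constructed test values (the sample reuses the RFC 8439 block-function test vector so the mask is known).

```python
"""DTLS 1.3 record number encryption (RFC 9147 4.2.3, ChaCha20 mask) in pure
Python.  Editor's added example; not code from the mailing-list post or from
the AEGIS draft.  Assumption: the 4-byte block counter taken from the
ciphertext sample is interpreted little-endian, as RFC 8439 stores it."""
import struct

MASK32 = 0xFFFFFFFF


def _rotl32(v: int, c: int) -> int:
    return ((v << c) & MASK32) | (v >> (32 - c))


def _quarter_round(s: list, a: int, b: int, c: int, d: int) -> None:
    s[a] = (s[a] + s[b]) & MASK32; s[d] = _rotl32(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & MASK32; s[b] = _rotl32(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & MASK32; s[d] = _rotl32(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & MASK32; s[b] = _rotl32(s[b] ^ s[c], 7)


def chacha20_block(key: bytes, counter: int, nonce: bytes) -> bytes:
    """ChaCha20 block function (RFC 8439 2.3): one 64-byte keystream block."""
    if len(key) != 32 or len(nonce) != 12:
        raise ValueError("ChaCha20 needs a 32-byte key and a 12-byte nonce")
    state = [0x61707865, 0x3320646E, 0x79622D32, 0x6B206574]
    state += list(struct.unpack("<8I", key))
    state.append(counter & MASK32)
    state += list(struct.unpack("<3I", nonce))
    w = state[:]
    for _ in range(10):  # 20 rounds = 10 double rounds
        _quarter_round(w, 0, 4, 8, 12); _quarter_round(w, 1, 5, 9, 13)
        _quarter_round(w, 2, 6, 10, 14); _quarter_round(w, 3, 7, 11, 15)
        _quarter_round(w, 0, 5, 10, 15); _quarter_round(w, 1, 6, 11, 12)
        _quarter_round(w, 2, 7, 8, 13); _quarter_round(w, 3, 4, 9, 14)
    return struct.pack("<16I", *[(x + y) & MASK32 for x, y in zip(w, state)])


def rne_mask_chacha20(sn_key: bytes, ciphertext: bytes) -> bytes:
    """RFC 9147 4.2.3 mask for ChaCha20 suites:
    mask = ChaCha20(sn_key, ciphertext[0..3], ciphertext[4..15], {0,0,0,0}).
    sn_key is HKDF-Expand-Label(secret, "sn", "", key_length); taken as input here.
    Only the first 1 or 2 mask bytes are consumed, depending on the header."""
    if len(ciphertext) < 16:
        raise ValueError("record number encryption needs a 16-byte ciphertext sample")
    counter = int.from_bytes(ciphertext[0:4], "little")  # endianness: assumption, see docstring
    nonce = ciphertext[4:16]
    return chacha20_block(sn_key, counter, nonce)[:4]


def protect_record_number(sn_key: bytes, header: bytes, ciphertext: bytes) -> bytes:
    """Apply (or remove: XOR is its own inverse) record number encryption to a
    DTLS 1.3 unified header without a CID (RFC 9147 4.1):
        byte 0 = 0 0 1 C S L E E   C: CID present, S: 16-bit seqnum, L: length present, EE: epoch
    The flag/epoch byte is never masked; only the sequence number bytes are."""
    first = header[0]
    if first & 0xE0 != 0x20:
        raise ValueError("not a DTLS 1.3 unified header")
    if first & 0x10:
        raise NotImplementedError("headers with a Connection ID are not handled in this example")
    n = 2 if first & 0x08 else 1
    if len(header) < 1 + n:
        raise ValueError("truncated header")
    mask = rne_mask_chacha20(sn_key, ciphertext)
    masked = bytes(h ^ m for h, m in zip(header[1:1 + n], mask[:n]))
    return header[:1] + masked + header[1 + n:]


def reconstruct_seq_num(low: int, bits: int, expected: int) -> int:
    """RFC 9147 4.2.2: after unmasking, the receiver picks the 48-bit sequence
    number whose low `bits` bits equal `low` and which is closest to the next
    expected record number."""
    window = 1 << bits
    base = (expected & ~(window - 1)) | low
    candidates = [c for c in (base - window, base, base + window) if 0 <= c < (1 << 48)]
    return min(candidates, key=lambda c: abs(c - expected))


if __name__ == "__main__":
    # Constructed test values.  The sample equals the RFC 8439 2.3.2 block-function
    # input (counter 1 LE, nonce 000000090000004a00000000), so the mask is 10f1e7e4.
    sn_key = bytes(range(32))
    ciphertext = bytes.fromhex("01000000000000090000004a00000000") + b"\x00" * 24
    header = bytes([0x2C, 0x12, 0x34, 0x00, 0x28])  # S=1, L=1, epoch 0, seq 0x1234, length 40
    protected = protect_record_number(sn_key, header, ciphertext)
    print("masked header :", protected.hex())
    print("unmasked again:", protect_record_number(sn_key, protected, ciphertext).hex())
    print("reordered record 0xFE expected near 0x1003 ->", hex(reconstruct_seq_num(0xFE, 8, 0x1003)))
```

The receiver runs the same `protect_record_number` call on the wire header (the mask depends only on sn_key and the ciphertext, both of which it has), then feeds the recovered low bits to `reconstruct_seq_num` before building the AEAD nonce. Writing the equivalent of `rne_mask_chacha20` for a new AEAD is exactly the text a cipher-suite registration needs before DTLS-OK = Y means anything.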