On 27.11.25 22:29, Eric Rescorla wrote:
In this context I generally agree that "application profile" refers to an IETF standards track document describing the use of TLS with some other protocol.
Thanks for stating in more understandable way but I am still lost. RFC 9151 (CNSA TLS profile) [0] is informational. Intended status (as of now) of CNSA2 TLS profile [1] is also informational. Am I missing something here?
John mentioned 3GPP; I couldn't find any draft on that defining a TLS profile. Did I miss something?
Anyway, my question mainly originated from this statement:> Constrained devices, for example, often support only one of secp256r1 or X25519.
I don't see how this is connecting to any standard track document. If device vendors start issuing their own profiles (my perception of what this sentence means; John may correct me if I am wrong) and still claim to be compatible with RFC 8446 since they have a "profile", then how does this MTI bring in any benefit?
Two concrete questions: 1. (trying to phrase my /authority/ question more precisely) Is IETF the /only/ body to define "application profile standard"? or do other SDOs count as "application profile standard" as well? 2. Does it necessarily have to be standard track document? -Usama [0] https://datatracker.ietf.org/doc/rfc9151/ [1] https://datatracker.ietf.org/doc/draft-becker-cnsa2-tls-profile/
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
