* I am trying to determine whether the use of the ChaCha20‑Poly1305 cipher fully conforms to the guidance in BCP 195 (“Recommendations for Secure Use of TLS and DTLS”).
* Could someone point me toward definitive guidance or confirm whether the ChaCha20‑Poly1305 AEAD cipher, as defined in RFC 8439, is considered compliant with the recommendations in BCP 195? You sort of have to read between the lines. Section 4.3 of RFC 9325 (part of the BCP) just points to RFC 8446, the TLS 1.3 specification. In other words, any crypto algorithm that is specified in 8446 is okay, and that includes ChaCha-Poly1305. Note that BCP 195 is getting a new RFC added to it, that will change things to “MUST TLS 1.3” and “MAY TLS 1.2” Hope this helps. /r$
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
