Hi,

 

Here’s to remind the working group that we are moving along with the bis 
document. We recently added an author, Thomas Fossati. Our activity is on 
GitHub [1] and we welcome your inputs. We have been steadily closing issues and 
plan to have a “feature complete” version -01 before IETF-111.

 

And now a question to the list: the authors have been debating whether we 
should add TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 as a fifth recommended 
cipher suite for TLS 1.2. Reminder: a similar cipher suite is already 
recommended for TLS 1.3 implementation in RFC 8446.

 

Pro:
- The cipher suite is widely implemented in libraries.
- There is already non-negligible usage of ChaCha-Poly (it is not clear from
  the data what percentage is on TLS 1.2).
- Cipher diversity is clearly a good thing, and currently we only recommend
  AES-GCM cipher suites.

Con:
- Usage is quite low, at most 10% or so, and there are indications that
  people are moving back to AES-GCM on mobile, given new CPU support on ARM.
- No need for cipher diversity in TLS 1.2, if people want ChaCha they can
  move to 1.3.
- More generally, we should try to minimize changes to the TLS 1.2 ecosystem.
  Our recommendations for TLS 1.2 are less likely to be adopted, and in
  general we would rather move people to 1.3.

We would appreciate the list weighing in.

 

Thanks,

                Yaron, Peter and Thomas

 

[1] https://github.com/yaronf/I-D/tree/main/BCP195bis and 
https://github.com/yaronf/I-D/issues?q=is%3Aissue+is%3Aopen+label%3ABCP195

 

_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
