Re: [TLS] secdir review of draft-ietf-tls-ecdhe-psk-aead-03

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 05/19/2017 02:16 AM, Dave Garrett wrote:
On Friday, May 19, 2017 12:38:27 am Benjamin Kaduk wrote:
In section 4, "these cipher suites MUST NOT be negotiated in TLS
versions prior to 1.2" should probably clarify that "these" cipher
suites are the new ones specified by this document.
Probably should be: "the cipher suites defined in this document
MUST NOT be negotiated for any version of TLS other than 1.2."

The sentence mentioning TLS 1.3+ could be moved up to right after
and just say: "TLS version 1.3 and later negotiate these features in
a different manner."



That's probably best, yes.  The interaction between this document and TLS 1.3 is a little weird, and it's not entirely clear to me that this one needs to say much of anything about TLS 1.3, given that TLS 1.3 changes all the relevant messages and key hierarchy and such.

-Ben

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]