On 05/19/2017 02:16 AM, Dave Garrett wrote:On Friday, May 19, 2017 12:38:27 am Benjamin Kaduk wrote:In section 4, "these cipher suites MUST NOT be negotiated in TLS versions prior to 1.2" should probably clarify that "these" cipher suites are the new ones specified by this document.Probably should be: "the cipher suites defined in this document MUST NOT be negotiated for any version of TLS other than 1.2." The sentence mentioning TLS 1.3+ could be moved up to right after and just say: "TLS version 1.3 and later negotiate these features in a different manner." That's probably best, yes. The interaction between this document and TLS 1.3 is a little weird, and it's not entirely clear to me that this one needs to say much of anything about TLS 1.3, given that TLS 1.3 changes all the relevant messages and key hierarchy and such. -Ben |