W3C home > Mailing lists > Public > ietf-tls@w3.org > January to March 1997

Re: Handling NULL key exchange for NULL_ ciphersuite

From: David P. Kemp <dpkemp@missi.ncsc.mil>
Date: Mon, 10 Feb 1997 10:00:15 -0500
Message-Id: <199702101500.KAA09796@argon.ncsc.mil>
To: ietf-tls@w3.org

> 
> To close out this issue, I propose that the TLS spec forbid
> negotiating to NULL_WITH_NULL_NULL. I understand
> the argument for testing, but I suspect the risks of this in
> practical deployment make it dangerous.
> 
> Win Treese

I concur.

Received on Monday, 10 February 1997 10:00:28 EST

This message: [ Message body ]
Next message: pfh@uk.ibm.com: "NULL_ ciphersuite meets ftps"
Previous message: David P. Kemp: "Re: NEW DRAFT: Regularizing Port Numbers for SSL."
Maybe in reply to: Ned Smith: "Handling NULL key exchange for NULL_ ciphersuite"
Next in thread: Ned Smith: "Re: Handling NULL key exchange for NULL_ ciphersuite"

Mail actions: [ respond to this message ] [ mail a new topic ]
Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
Help: [ How to use the archives ] [ Search in the archives ]

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:34:59 EDT