Re: Handling NULL key exchange for NULL_ ciphersuite

• To: ietf-tls@w3.org
• Subject: Re: Handling NULL key exchange for NULL_ ciphersuite
• From: dpkemp@missi.ncsc.mil (David P. Kemp)
• Date: Mon, 10 Feb 1997 10:00:15 -0500
• From ietf-tls-request@www10.w3.org Mon Feb 10 10: 00:28 1997
• Message-Id: <199702101500.KAA09796@argon.ncsc.mil>
• X-List-URL: http://lists.w3.org/Archives/Public/ietf-tls
• X-Sun-Charset: US-ASCII

> 
> To close out this issue, I propose that the TLS spec forbid
> negotiating to NULL_WITH_NULL_NULL. I understand
> the argument for testing, but I suspect the risks of this in
> practical deployment make it dangerous.
> 
> Win Treese

I concur.

• Prev: Re: NEW DRAFT: Regularizing Port Numbers for SSL.
• Next: Re: TWO WEEK LAST CALL: Regularizing Port Numbers for SSL.
• Index: Message index of ietf-tls@w3.org mailing list
• Thread: Thread index of ietf-tls@w3.org mailing list