W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: Ciphersuites (was Re: Mandatory to implement cipher suites)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 17 Jul 2014 13:39:20 -0700
Message-ID: <CABkgnnV1wfqve=PR4iVF7hRaOxyfdbpO04rOb72Q0dL3kKTcaA@mail.gmail.com>
To: Yoav Nir <ynir.ietf@gmail.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
On 17 July 2014 13:07, Martin Thomson <martin.thomson@gmail.com> wrote:
>
> I'm afraid we can't really do that without a risk of interoperability
> failure.  TLS mandates something that we prohibit the use of.
>
> Now, assuming that the TLS WG can produce a recommendation (probably
> in the context of 1.3), we will use that.
>
> I'm amenable to your suggestion of just ECDHE.  One being better than
> two when it comes to MTI.  I'll note that this is probably something
> we should continue in the TLS WG; as we've done so far.

I'm sorry, that was a lie: I've included these values because TLS
haven't delivered us an answer at this time.  I'd prefer if they
deliver.
Received on Thursday, 17 July 2014 20:39:47 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:09 UTC