Re: null ciphers in 9.2.2

On 1 October 2014 06:34, Martin Thomson wrote:

> Would you like to make an argument for integrity-only for
> opportunistic security?  I can't imagine any argument that I'd find
> compelling, but am always willing to be surprised.

I've been writing an HTTP server for 20 years and in that time I have
continued to be surprised and then surprised again by the incredibly varied
and lateral uses that the protocol has been put to in all manner of

Just because we cannot imagine why something would be done today does not
mean there will not be a use for it tomorrow.

Sure, strong encryption is a good thing to have on today's public networks,
but there may be all manner of surprising deployment modes that come out in
the future that wish to use TLS, but not with a 9.2.2 compliant cipher.

9.2.2 attempts to avoid surprises by suppressing innovation.  It fails to
recognise that some surprises are pleasant surprises.

Let's not limit the usage of this protocol by the limit of our imaginations.

Greg Wilkins
HTTP, SPDY, Websocket server and client that scales
advice and support for jetty and cometd.

Received on Tuesday, 30 September 2014 23:36:37 UTC