Re: Concluding discussion on #612 (9.2.2) from Eric Rescorla on 2014-10-07 (ietf-http-wg@w3.org from October to December 2014)

From: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 7 Oct 2014 11:24:54 -0700
To: Martin Thomson <martin.thomson@gmail.com>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>, Greg Wilkins <gregw@intalio.com>
Message-ID: <CABcZeBNVrq=hDKWxaMVhcq-aEWtk9-eGUxbXo=nEVW0_f2m7fw@mail.gmail.com>

On Tue, Oct 7, 2014 at 9:23 AM, Martin Thomson <martin.thomson@gmail.com>
wrote:

> On 7 October 2014 00:30, Eric Rescorla <ekr@rtfm.com> wrote:
> > Any future TLS modes that are not of the AEAD form MUST
> >   NOT be used without an RFC updating this document.
>
> I can certainly take the rest of the text, but this makes me uncomfortable.
>
> I noted previously that the check is simple:
>   isOK = isForwardSecrecyCapable && !isStream && !isBlock
>
> That statement would introduce some potential ambiguity based on the
> potential for a future RFC.
>
> Though I can live with it if that is the consensus.
>

I would also be fine with defaulting in the other direction. I.e., any new
ciphersuite is default OK unless stated otherwise. Again, I'm just aiming
for clarity.

-Ekr

Received on Tuesday, 7 October 2014 18:26:01 UTC