W3C home > Mailing lists > Public > ietf-tls@w3.org > January to March 1997

Re: Handling NULL key exchange for NULL_ ciphersuite

From: Win Treese <treese@OpenMarket.com>
Date: Sun, 09 Feb 1997 02:13:41 -0500
Message-Id: <3.0.32.19970209013701.006f1574@mail-60.OpenMarket.com>
To: ietf-tls@w3.org


To close out this issue, I propose that the TLS spec forbid
negotiating to NULL_WITH_NULL_NULL. I understand
the argument for testing, but I suspect the risks of this in
practical deployment make it dangerous.

Win Treese

Received on Sunday, 9 February 1997 02:44:22 UTC

This message: [ Message body ]
Next message: Win Treese: "Re: TWO WEEK LAST CALL: Regularizing Port Numbers for SSL."
Previous message: Bob Monsour: "Re: Shared Secret Authentication"
Maybe in reply to: Ned Smith: "Handling NULL key exchange for NULL_ ciphersuite"
Next in thread: David P. Kemp: "Re: Handling NULL key exchange for NULL_ ciphersuite"

Mail actions: [ respond to this message ] [ mail a new topic ]
Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
Help: [ How to use the archives ] [ Search in the archives ]

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:17:12 UTC