Re: Handling NULL key exchange for NULL_ ciphersuite

> To close out this issue, I propose that the TLS spec forbid
> negotiating to NULL_WITH_NULL_NULL. I understand
> the argument for testing, but I suspect the risks of this in
> practical deployment make it dangerous.
> Win Treese

I concur.

Received on Monday, 10 February 1997 10:00:28 UTC