Re: [Crisp] draft-newton-crisp-iris-xpc-00.txt

Andrew Newton <andy@hxr.us> Wed, 16 March 2005 23:11 UTC

In-Reply-To: <DF91D469-7BB8-11D9-BC8F-000D9358DFD8@hxr.us>
References: <DF91D469-7BB8-11D9-BC8F-000D9358DFD8@hxr.us>
Message-Id: <7794b574d9199c0a1d9dd3117e09c161@hxr.us>
From: Andrew Newton <andy@hxr.us>
Subject: Re: [Crisp] draft-newton-crisp-iris-xpc-00.txt
Date: Wed, 16 Mar 2005 18:07:39 -0500
To: CRISP WG <crisp@ietf.org>


> I've already received one private comment regarding it.  In summary, 
> the suggestion was to eliminate the raw TCP aspect and strictly use 
> TLS, having clients specify SSL_NULL_WITH_NULL_NULL cipher suite when 
> no encryption is needed.

Just to follow up, I do not think this is a good idea because:
   1 - it forces people who never need TLS to have TLS
   2 - George's comment ("users think they get encryption")
   3 - Limitation in library support for SSL_NULL_WITH_NULL_NULL
     a - No way to specify cipher lists with Python
         M2Crypto and PyOpenSSL probably give this level of control
     b - JSSE does not support it.
     c - OpenSSL does not support it (openssl ciphers -v).
         if this is correct, that means A LOT of things can't do it

-andy
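
Added example, not part of the original message or the draft: a small Python parser for `openssl ciphers -v` output, the check cited in point 3c, that lists the suites a build advertises with no encryption or no authentication. The sample lines are constructed, and the function names and the `ALL:COMPLEMENTOFALL` cipher string passed to a local binary are choices made for this example.

```python
import shutil
import subprocess

# Constructed sample in the `openssl ciphers -v` layout (not captured output).
SAMPLE = """\
AES128-SHA      SSLv3   Kx=RSA  Au=RSA  Enc=AES(128)  Mac=SHA1
NULL-SHA        SSLv3   Kx=RSA  Au=RSA  Enc=None      Mac=SHA1
AECDH-NULL-SHA  TLSv1   Kx=ECDH Au=None Enc=None      Mac=SHA1
ADH-AES128-SHA  SSLv3   Kx=DH   Au=None Enc=AES(128)  Mac=SHA1
"""

# Column -> finding reported when that column reads "None".
CHECKS = (("Enc", "no encryption"), ("Au", "no authentication"))

def parse_ciphers(text):
    """Parse `openssl ciphers -v` lines into dicts (name, proto, Kx, Au, Enc, Mac)."""
    suites = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3:
            continue  # blank line or unexpected output
        suite = {"name": fields[0], "proto": fields[1]}
        for field in fields[2:]:
            key, sep, value = field.partition("=")
            if sep:  # skip trailing words that are not key=value
                suite[key] = value
        suites.append(suite)
    return suites

def unprotected(suites):
    """Return {suite name: [findings]} for suites lacking encryption or authentication."""
    findings = {}
    for s in suites:
        reasons = [label for key, label in CHECKS if s.get(key) == "None"]
        if reasons:
            findings[s["name"]] = reasons
    return findings

def local_ciphers(spec="ALL:COMPLEMENTOFALL"):
    """Ask the local openssl binary; returns "" when it is missing or fails."""
    exe = shutil.which("openssl")
    if exe is None:
        return ""
    result = subprocess.run([exe, "ciphers", "-v", spec], capture_output=True, text=True)
    return result.stdout if result.returncode == 0 else ""

if __name__ == "__main__":
    for name, why in unprotected(parse_ciphers(local_ciphers() or SAMPLE)).items():
        print(name, ", ".join(why))
```

Run as a script it reports on the local `openssl` binary and falls back to the constructed sample when none is installed; what a given build lists depends on how it was compiled and configured.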

