Re: [netconf] Create IANA-defined modules?

Qin Wu <> Tue, 15 June 2021 11:53 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 4C05D3A2CC4 for <>; Tue, 15 Jun 2021 04:53:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 5w59szqY8Rz1 for <>; Tue, 15 Jun 2021 04:53:10 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id BCF383A2CC0 for <>; Tue, 15 Jun 2021 04:53:10 -0700 (PDT)
Received: from (unknown []) by (SkyGuard) with ESMTP id 4G46334MWcz6G7Y8 for <>; Tue, 15 Jun 2021 19:46:07 +0800 (CST)
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.1.2176.2; Tue, 15 Jun 2021 13:53:06 +0200
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2176.2; Tue, 15 Jun 2021 19:53:04 +0800
Received: from ([]) by ([]) with mapi id 15.01.2176.012; Tue, 15 Jun 2021 19:53:04 +0800
From: Qin Wu <>
To: tom petch <>, Kent Watsen <>, "Per Andersson (perander)" <>
CC: "" <>
Thread-Topic: [netconf] Create IANA-defined modules?
Thread-Index: Addh3KUhR+YrczgKwUaLplcUh/rY0A==
Date: Tue, 15 Jun 2021 11:53:04 +0000
Message-ID: <>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
x-originating-ip: []
Content-Type: text/plain; charset="gb2312"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <>
Subject: Re: [netconf] Create IANA-defined modules?
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 15 Jun 2021 11:53:16 -0000

>>发件人: tom petch [] 
>>发送时间: 2021年6月15日 19:32
>>收件人: Qin Wu <>om>; Kent Watsen <>et>; Per Andersson (perander) <>
>>主题: Re: [netconf] Create IANA-defined modules?

>>From: Qin Wu <>
>>Sent: 15 June 2021 06:54

>> Kent Watsen []
 2021 6 5 0:22

>>Thank you Qin, Tom, and Per for the responses to my last post…this message addresses them all.

>>Since the discussion has been mostly about *how* to create the IANA-defined module (not *if* we should, e.g., dropping the work for some future effort to pickup), I take it that folks believe having the ability for configure supported-algorithms is needed now.  
>>no one offered to help (:sigh:, and people wonder why this work takes so long), I wrote the attached script that creates the attached module directly from the data obtained from the IANA-maintained "TLS Cipher Suites" sub-registry of the "Transport Layer 
>>Security (TLS) Parameters” registry here:  The resulting module is also attached.

>[Qin Wu]  The proposed module looks good to me, I assume these cipher-suite identities are not specific to particular version of TLS, e.g., TLS1.3.

>No, the exact opposite.  AFAIK there is no recommended ciphersuite that is common to TLS1.2 and TLS1.3 (or indeed one that is not recommended).  TLS1.3 is very different!

[Qin Wu] Thanks for your clarification, this aligns with what I understand.