Re: [TLS] Ciphersuite Recommendations

Adam Montville <Adam.Montville@cisecurity.org> Thu, 14 November 2013 20:58 UTC

From: Adam Montville <Adam.Montville@cisecurity.org>
To: Yaron Sheffer <yaronf.ietf@gmail.com>, Peter Saint-Andre <stpeter@stpeter.im>, Tom Ritter <tom@ritter.vg>
Date: Thu, 14 Nov 2013 20:57:11 +0000
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Ciphersuite Recommendations

> -----Original Message-----
> From: Yaron Sheffer [mailto:yaronf.ietf@gmail.com]
> Sent: Thursday, November 14, 2013 2:56 PM
> To: Peter Saint-Andre; Adam Montville; Tom Ritter
> Cc: tls@ietf.org
> Subject: Re: [TLS] Ciphersuite Recommendations
> 
> Yes, this is our intention.

For what it might be worth, I'll ask some of my constituents to review the draft and provide usability feedback. These are operators/administrators who would be asked to configure their systems in a secure manner.

> 
> Thanks,
> 	Yaron
> 
> On 11/14/2013 10:54 PM, Peter Saint-Andre wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > On 11/14/13 1:50 PM, Adam Montville wrote:
> >> Yes, that looks about right.
> >>
> >> I was surprised, actually, that there was no IETF guidance available.
> >>
> >> Anyone on this list think it's a good idea to provide some?  I do.
> >
> > Isn't that what
> > https://datatracker.ietf.org/doc/draft-sheffer-tls-bcp/ is doing, in part?
> >
> > Peter
> >
> 
> ...

. . .