IETF Logo Mail Archive

Re: [TLS] Ciphersuite Recommendations

Adam Montville <Adam.Montville@cisecurity.org> Thu, 14 November 2013 20:57 UTC

Return-Path: <Adam.Montville@cisecurity.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CCE1721F9B9F for <tls@ietfa.amsl.com>; Thu, 14 Nov 2013 12:57:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.282
X-Spam-Level:
X-Spam-Status: No, score=-2.282 tagged_above=-999 required=5 tests=[AWL=-0.284, BAYES_00=-2.599, J_CHICKENPOX_21=0.6, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ijIOrTuSwjeK for <tls@ietfa.amsl.com>; Thu, 14 Nov 2013 12:57:19 -0800 (PST)
Received: from mail1.bemta12.messagelabs.com (mail1.bemta12.messagelabs.com [216.82.251.7]) by ietfa.amsl.com (Postfix) with ESMTP id BCB3C21F9AD5 for <tls@ietf.org>; Thu, 14 Nov 2013 12:57:19 -0800 (PST)
Received: from [216.82.250.19:4420] by server-7.bemta-12.messagelabs.com id 28/A7-06248-F2935825; Thu, 14 Nov 2013 20:57:19 +0000
X-Env-Sender: Adam.Montville@cisecurity.org
X-Msg-Ref: server-14.tower-87.messagelabs.com!1384462638!13021100!2
X-Originating-IP: [69.195.43.86]
X-StarScan-Received:
X-StarScan-Version: 6.9.13; banners=cisecurity.org,-,-
X-VirusChecked: Checked
Received: (qmail 19836 invoked from network); 14 Nov 2013 20:57:19 -0000
Received: from mail.msisac.org (HELO mail.msisac.org) (69.195.43.86) by server-14.tower-87.messagelabs.com with AES128-SHA encrypted SMTP; 14 Nov 2013 20:57:19 -0000
Received: from CISEXCHANGE1.msisac.org.local ([fe80::4f0:b68d:e779:38c3]) by CISEXCHANGE2.msisac.org.local ([::1]) with mapi id 14.02.0347.000; Thu, 14 Nov 2013 15:55:59 -0500
From: Adam Montville <Adam.Montville@cisecurity.org>
To: Peter Saint-Andre <stpeter@stpeter.im>, Tom Ritter <tom@ritter.vg>
Thread-Topic: [TLS] Ciphersuite Recommendations
Thread-Index: Ac7hUPHwoYCAtMzWSWiPMOHA4gZ+igARFzuAAAaC0bD//+yZgIAAU6Xw
Date: Thu, 14 Nov 2013 20:56:03 +0000
Message-ID: <05BCCEB107AF88469B9F99783D47C1D6065CE3F4@CISEXCHANGE1.msisac.org.local>
References: <05BCCEB107AF88469B9F99783D47C1D6065CDEC3@CISEXCHANGE1.msisac.org.local> <CA+cU71nfMXw+-SwkkqGYut8qxXKNeWnWNRbCSFrKD=5+=E1avw@mail.gmail.com> <05BCCEB107AF88469B9F99783D47C1D6065CE3D2@CISEXCHANGE1.msisac.org.local> <52853893.4020800@stpeter.im>
In-Reply-To: <52853893.4020800@stpeter.im>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.252.38]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Ciphersuite Recommendations
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Nov 2013 20:57:23 -0000

> -----Original Message-----
> From: Peter Saint-Andre [mailto:stpeter@stpeter.im]
> Sent: Thursday, November 14, 2013 2:54 PM
> To: Adam Montville; Tom Ritter
> Cc: tls@ietf.org
> Subject: Re: [TLS] Ciphersuite Recommendations
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 11/14/13 1:50 PM, Adam Montville wrote:
> > Yes, that looks about right.
> >
> > I was surprised, actually, that there was no IETF guidance available.
> >
> > Anyone on this list think it?s a good idea to provide some?  I do.
> 
> Isn't that what
> https://datatracker.ietf.org/doc/draft-sheffer-tls-bcp/ is doing, in part?

It would appear so...thanks for pointing that out.  I communicated with a couple of others from this list who were not, apparently, aware of this work.

> 
> Peter
> 
> - --
> Peter Saint-Andre
> https://stpeter.im/
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
> 
> iQIbBAEBAgAGBQJShTiTAAoJEOoGpJErxa2pcEAP+IiZlt/5VWNeirM5DFiK74gm
> MB24f0b65yctFqI5p3V0be2QaBtKmGAa7MZ7UNi8tz2N+vlt/t4EO/CeAVg3Fok
> U
> HzvErOflZrhP4KC7P8hoxthtXf95WPazsANt+qcfww5I+tVBsoaE3VSiokTXsAU8
> ZowY5d9ZIAaNcggFOkw0NAVX7e1Fxrhac4fuvAvFJRyEI2RkeL68fPVueZ4Vc9c1
> zrj1hVHAu5foAtaPkLRM3HIcsjaxNEzYKIs9mDyWXpK/RvW0JEDo4iA+XjGRsgx
> u
> zlnmKdawMHP6ljPYWVmi+qmccuAWJ3GDigQQ/NG0umUkEVAys9RAnJGhfP
> pRFYri
> i9KnIDcMe3RvXnmJkCuG3f9j9qBE19m6ucI+/gBuWGhBHNkzvq7HWNReWPW
> 7szn+
> I4JPwSOUnKw1K0xMm8+wH6KEmZLEb1ktrWthMJ3iXQTqHHXeCdbTcWkb46
> +TNiWA
> VCWa9hPfj2edrYSzhP3x6JNVjx4i7vSz/XcBy6FpFMBNkBlVbDldyCoEms1Kn9F5
> FF/9/fBdGLTuy2Bda7ORMRIsDpxZKfFx5ATBT4kmomwcm3Km0eSJEsC3V2VY
> mG8/
> gxXTWYQf7OwrGGp03uK+MgMROHtouZ8yHVlKNmhmwfZwfvIgP6HhUlqdaF
> j4H438
> ew5B6P3xOd5fBdzlHvI=
> =q8GT
> -----END PGP SIGNATURE-----
> 
> ...

. . .

v2.23.0 | Report a Bug | By Email