Re: [xmpp] Fwd: I-D Action: draft-saintandre-xmpp-tls-00.txt

Peter Saint-Andre <stpeter@stpeter.im> Mon, 09 September 2013 17:22 UTC

On 9/9/13 10:51 AM, Dave Cridland wrote:
> On Mon, Sep 9, 2013 at 5:35 PM, Peter Saint-Andre
> <stpeter@stpeter.im> wrote:
> 
> There's also a htmlized version available at: 
> http://tools.ietf.org/html/draft-saintandre-xmpp-tls-00
> 
> 
> Thanks for writing this, it looks like an excellent start.
> 
> o  Add information about the rationale for each recommendation, 
> perhaps in an appendix.
> 
> That seems reasonable, but I don't think there's a need to describe
> each recommendation individually.
> 
> o  Recommend a specific ciphersuite or a small number of 
> ciphersuites?
> 
> Picking a small selection of SHOULD or MUST implement seems fair.

BTW, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 seems to be something that
folks prefer for TLS 1.2, but we'll want to recommend something for
earlier versions of TLS, too.

Peter

- -- 
Peter Saint-Andre
https://stpeter.im/

