- Type: Bug
- Status: Closed
- Priority: Minor
- Resolution: Fixed
- Affects Version/s: None
- Fix Version/s: None
- Component/s: Spec
- Labels: None
- Proposal:
- Resolution:
In the spec, it calls for a specific supported cipher suite for TLS. That includes an unencrypted variant, which is not a best practice. Consider eliminating that one. The only legitimate use cases for those are where the credentials are protected, but the payloads are not (for performance reasons). This only really makes sense when the end user knows the data being transferred is not sensitive. That will almost never be the case for a system implemented with this spec. If a "null" type cipher is desired by an implementer, that certainly may be added through extensibility. It should not be required for purposes of interoperability.
This issue was raised by Ashok Malhotra and was Drupal issue #1090.