Yes, in general it's a good idea to acknowledge that TLS implementations need to implement the mandatory-to-implement ciphersuites for the versions they support. With respect to NIST guidance, I'm a bit puzzled (e.g. SP 800-120 seems to imply that the 1.1 mandatory-to-implement ciphersuite is ok, but the 1.2 one is not). |
> Subject: RE: Issue 282: cipher suites, discussion needed
> Date: Mon, 16 Feb 2009 21:48:38 -0800
> From: email@example.com
> To: firstname.lastname@example.org
> CC: email@example.com
> You could just leave this to the TLS specification. For version 1.0 and 1.1 it is TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA and for 1.2 it is TLS_RSA_WITH_AES_128_CBC_SHA. If it is common today for implementations also to implement the RC4 ciphers you can have that as a recommendation as well. Something like:
> "RADSEC implementation MUST support he mandatory to implement cipher suites specified in TLS. For purposes of compatibility with some current deployments implementations SHOULD support TLS_RSA_WITH_RC4_128_SHA as well."