Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Determine replacement MTI cipher suite #32

ekr opened this Issue May 3, 2014 · 2 comments


None yet
2 participants
Copy link

ekr commented May 3, 2014

Now that we are removing static RSA cipher suites, we need a new MTI cipher suite.


This comment has been minimized.

Copy link
Contributor Author

ekr commented Sep 22, 2015

From Sean's mail

o Symmetric:
[SHOULD ChaCha20-Poly1305]

o Hash:

o Key Agreement: ECDH
MUST P-256
[SHOULD 25519]

o Signature:

@ekr ekr added the Editor Ready label Sep 22, 2015

@ekr ekr closed this in db0ef3e Sep 26, 2015

ekr added a commit that referenced this issue Sep 26, 2015

Merge pull request #267 from ekr/issue32_mti_ciphers
Add MTI cipher suites. Fixes #32

This comment has been minimized.

Copy link

dawud-tan commented May 13, 2018

Dear Mr. @ekr, currently I'm very interested in studying non-repudiation, then I found S-HTTP (RFC 2660) that offer non-repudiation security service. I also found that AS2 (RFC 4130) also offers this kind of service, but then I wonder why non-repudiation service is not becoming ubiquotus? Why AEAD replace HMAC, does hash function is too heavy, or hash is more appropriate for digital signature world? Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.