[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Conformance requirements - SSL/TLS issues
The conformance requirements document has a section on SSL/TLS, section 4. Do we really need to specify (through the use of sub-section headings) the TLS algorithm for SOAP and the SSL algorithm for Web SSO? I note that there is no such distinction in the security considerations document, section 4.5.2. Perhaps we should remove these section headings. We may also want to add the statements regarding the equivalent FIPS algorithms to the SSL conformance section from the security considerations document. Is it reasonable to also require implementation of TLS_RSA_WITH_RC4_128_SHA? regards, Frederick Frederick Hirsch Nokia
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]