[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] (MQTT-425) Delete references to DES and discuss CHACHA20
Ken Borgendale created MQTT-425:
-----------------------------------
Summary: Delete references to DES and discuss CHACHA20
Key: MQTT-425
URL: https://issues.oasis-open.org/browse/MQTT-425
Project: OASIS Message Queuing Telemetry Transport (MQTT) TC
Issue Type: Improvement
Components: core
Affects Versions: 5
Reporter: Ken Borgendale
The security section 5 has a reference to AES and DES as cipher suites for mobile and embedded devices. The current recommendation for security is to totally disable all DES based ciphers including 3DES.
The new cipher suite which is designed for use in less powerful devices is CHACHA20 which has equivalent encryption to AES but is faster to encrypt on processors without hardware support. The downside for now is that a lot of servers do not support it.
I would actually like to remove section 5 as I think it is orthogonal to the MQTT specification, and highly prone to become outdated. However, if we decide to keep it we should keep it up to date at least at the time we release the specification.
--
This message was sent by Atlassian JIRA
(v6.2.2#6258)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]