Re: BCP for good TLS practices? (Was: Last Call: <draft-elie-nntp-tls-recommendations-01.txt> (Use of Transport Layer Security (TLS) in the Network News Transfer Protocol (NNTP)) to Proposed Standard

Julien ÉLIE <julien@trigofacile.com> Mon, 28 November 2016 21:05 UTC

Subject: Re: BCP for good TLS practices? (Was: Last Call: <draft-elie-nntp-tls-recommendations-01.txt> (Use of Transport Layer Security (TLS) in the Network News Transfer Protocol (NNTP)) to Proposed Standard
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>, ietf@ietf.org, draft-elie-nntp-tls-recommendations.all@ietf.org
References: <148035153084.5510.13278742493736503746.idtracker@ietfa.amsl.com> <20161128204105.GA28690@laperouse.bortzmeyer.org>
From: Julien ÉLIE <julien@trigofacile.com>
Organization: TrigoFACILE -- http://www.trigofacile.com/
Message-ID: <9a2d3064-7d3b-83ec-52cc-d4b01e90a1c2@trigofacile.com>
Date: Mon, 28 Nov 2016 22:05:36 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/0t1DszUrG-e9VePcTiTT0bpvk0o>

Good evening Stéphane,

>> The IESG has received a request from an individual submitter to consider
>> the following document:
>> - 'Use of Transport Layer Security (TLS) in the Network News Transfer
>>    Protocol (NNTP)'
>>   <draft-elie-nntp-tls-recommendations-01.txt> as Proposed Standard
>
> I've read draft-elie-nntp-tls-recommendations-01.txt, I agree with its
> general idea with respect to the old RFC 4642 (moving away from
> specific TLS recommendations to just a reference to established
> generic TLS RFCs, RFC 4642 even mandated RC4!), and I think it is
> ready to be published on the standards track.

Many thanks for having taken time to read the document.


> I still have a question about the fact that it references RFC
> 7525. Since TLS recommendations may change (and certainly will, for
> instance because of the progress of cryptanalysis), wouldn't it be
> better to use the BCP number 195?

Good point.  I'll see with Alexey as AD if that's OK for him to 
reference RFC 7525 as BCP 195 in the document.


> Otherwise, I would drop appendix B. It is useless since we have RFC
> 2804, and it may even be obsolete (are there still countries with
> serious export restrictions on crypto?)

OK to drop Appendix B.

-- 
Julien ÉLIE

« – I feel a bit rusty! It's surely because of the
     rains brought on by Assurancetourix!
   – Meanwhile we're the ones taking a beating! » (Astérix)