Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice
Ben Smyth <research@bensmyth.com> Tue, 01 December 2020 05:52 UTC
Return-Path: <research@bensmyth.com>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B793E3A0A8E for <last-call@ietfa.amsl.com>; Mon, 30 Nov 2020 21:52:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=bensmyth.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 88CogbNTmsXa for <last-call@ietfa.amsl.com>; Mon, 30 Nov 2020 21:52:48 -0800 (PST)
Received: from 5.smtp.34sp.com (5.smtp.34sp.com [IPv6:2a00:1ee0:2:5::2eb7:8e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 480953A0B0E for <last-call@ietf.org>; Mon, 30 Nov 2020 21:52:48 -0800 (PST)
Received: from smtpauth2.mailarray.34sp.com (lvs5.34sp.com [46.183.13.73]) by 5.smtp.34sp.com (Postfix) with ESMTPS id F01542C1EBD for <last-call@ietf.org>; Tue, 1 Dec 2020 05:52:24 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bensmyth.com; s=dkim; t=1606801945; bh=oqx5oQgDom/zTrrhKJEY3icrNc8uSobGSO7gvwRarG8=; h=References:In-Reply-To:Reply-To:From:Date:Subject:To:Cc; b=Cywk8prlFv9O4nzEeBeWh2KY82wDnMiQSZfb6cCNGF++Zdr/tMrqGofYnCIiaOdME U8J3XaD3+0ntkU3hfnbozbQOcz1N2iqrtpYvkWQJRHH5ECUSBptY8XcqWuh32j59MM zJj4GBngVFKQ4tTN7n8HJWShfso2XO3KATrJemKo=
Received: from mail-vs1-f42.google.com ([209.85.217.42]:36516) by smtpauth2.mailarray.34sp.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92) (envelope-from <research@bensmyth.com>) id 1kjyaO-0006Kg-PP; Tue, 01 Dec 2020 05:52:24 +0000
Received: by mail-vs1-f42.google.com with SMTP id m62so308294vsd.3; Mon, 30 Nov 2020 21:52:24 -0800 (PST)
X-Gm-Message-State: AOAM530jqolkC6uGswroHcxyulnCWPfJ+wHpqERdJs89CLuB9qgQUOTh 57SaQzOU7ZUmO3DURPl7hCdsvzJyOfzw7Ceh2Ec=
X-Google-Smtp-Source: ABdhPJxQoXtMZw/9E+Z6VQo3ivy8ius/DLu8yhmzerse/B8HR4VaFf5kI09YkkX+zm4N64C0vq8rzIfyI6krXEXknac=
X-Received: by 2002:a05:6102:802:: with SMTP id g2mr1198233vsb.8.1606801943351; Mon, 30 Nov 2020 21:52:23 -0800 (PST)
MIME-Version: 1.0
References: <160496076356.8063.5138064792555453422@ietfa.amsl.com> <49d045a3-db46-3250-9587-c4680ba386ed@network-heretics.com> <b5314e17-645a-22ea-3ce9-78f208630ae1@cs.tcd.ie> <1606782600388.62069@cs.auckland.ac.nz> <0b72b2aa-73b6-1916-87be-d83e9d0ebd09@cs.tcd.ie>
In-Reply-To: <0b72b2aa-73b6-1916-87be-d83e9d0ebd09@cs.tcd.ie>
Reply-To: research@bensmyth.com
From: Ben Smyth <research@bensmyth.com>
Date: Tue, 01 Dec 2020 06:52:12 +0100
X-Gmail-Original-Message-ID: <CA+_8xu2V7ZD9jmSH3t=yQua2WO=DjGYAgs196Xc2ba5UtOX29w@mail.gmail.com>
Message-ID: <CA+_8xu2V7ZD9jmSH3t=yQua2WO=DjGYAgs196Xc2ba5UtOX29w@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Peter Gutmann <pgut001@cs.auckland.ac.nz>, Keith Moore <moore@network-heretics.com>, last-call@ietf.org, draft-ietf-tls-oldversions-deprecate@ietf.org, tls-chairs@ietf.org, "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000000ed54305b560bb5a"
X-Authenticated-As: research@bensmyth.com
X-OriginalSMTPIP: 209.85.217.42
X-34spcom-MailScanner-Information: Please contact the ISP for more information
X-34spcom-MailScanner-ID: F01542C1EBD.A67CA
X-34spcom-MailScanner: Found to be clean
X-34spcom-MailScanner-SpamCheck: not spam, SpamAssassin (score=-11.1, required 6.5, autolearn=disabled, DKIM_SIGNED 0.10, DKIM_VALID -0.10, DKIM_VALID_AU -0.10, HTML_MESSAGE 0.00, SPF_PASS -0.00, X34SP_ALLOW_GMAIL_EVEN_IF_BLACKLISTED -10.00, X34SP_OVERRIDE -1.00)
X-34spcom-MailScanner-From: research@bensmyth.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/AlKgkeSGvBhtJZIqKiEdrJtJ86g>
X-Mailman-Approved-At: Thu, 03 Dec 2020 18:22:05 -0800
Subject: Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Dec 2020 05:53:00 -0000
I haven't followed all the nuances of this discussion, but it seems to boil down to use of "MUST NOT" when certain "EXCEPTIONS MAY" exist for private enterprise running legacy kit, which makes decision makers anxious, since they don't want responsibility for something they "MUST NOT" do: A solution might be to introduce "MUST NOT...EXCEPTIONS MAY" language, thereby allowing sectors to define their standards/principles/expectations.
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… tom petch
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Stephen Farrell
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… tom petch
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Stephen Farrell
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Sean Turner
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Stephen Farrell
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… RFC ISE (Adrian Farrel)
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Stephen Farrell
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Keith Moore
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Eric Rescorla
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Keith Moore
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Eric Rescorla
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Keith Moore
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Eric Rescorla
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Keith Moore
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Eliot Lear
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Martin Duke
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Keith Moore
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Keith Moore
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Salz, Rich
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Salz, Rich
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Eliot Lear
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Salz, Rich
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Olle E. Johansson
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… STARK, BARBARA H
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Blumenthal, Uri - 0553 - MITLL
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… STARK, BARBARA H
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Eliot Lear
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Eliot Lear
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Keith Moore
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Salz, Rich
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Salz, Rich
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… STARK, BARBARA H
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Bill Frantz
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Eliot Lear
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Joe Abley
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… STARK, BARBARA H
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Gary Gapinski
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Watson Ladd
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… STARK, BARBARA H
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… BRUNGARD, DEBORAH A
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Rob Sayre
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Rob Sayre
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ben Smyth
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Rob Sayre
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… BRUNGARD, DEBORAH A
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… tom petch
- [Last-Call] Next steps on Deprecation/Obsolescenc… Eliot Lear
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Rob Sayre
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Eliot Lear
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Ackermann, Michael
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Eric Rescorla
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Nick Hilliard
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Rob Sayre
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Nick Hilliard
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Christian de Larrinaga
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Salz, Rich
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Kathleen Moriarty
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Kathleen Moriarty
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Kathleen Moriarty
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Kathleen Moriarty
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Michael Richardson
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Eric Rescorla
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Ted Lemon
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Eliot Lear
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Stewart Bryant
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Ted Lemon
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Christian de Larrinaga
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Kathleen Moriarty
- [Last-Call] How old is too old and what this mean… Eliot Lear
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Michael Richardson
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Rob Sayre
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Keith Moore
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Stephen Farrell
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… tom petch
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… tom petch
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Stephen Farrell
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… tom petch