Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

Ben Smyth <research@bensmyth.com> Tue, 01 December 2020 05:52 UTC

References: <160496076356.8063.5138064792555453422@ietfa.amsl.com> <49d045a3-db46-3250-9587-c4680ba386ed@network-heretics.com> <b5314e17-645a-22ea-3ce9-78f208630ae1@cs.tcd.ie> <1606782600388.62069@cs.auckland.ac.nz> <0b72b2aa-73b6-1916-87be-d83e9d0ebd09@cs.tcd.ie>
In-Reply-To: <0b72b2aa-73b6-1916-87be-d83e9d0ebd09@cs.tcd.ie>
Reply-To: research@bensmyth.com
From: Ben Smyth <research@bensmyth.com>
Date: Tue, 01 Dec 2020 06:52:12 +0100
Message-ID: <CA+_8xu2V7ZD9jmSH3t=yQua2WO=DjGYAgs196Xc2ba5UtOX29w@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Peter Gutmann <pgut001@cs.auckland.ac.nz>, Keith Moore <moore@network-heretics.com>, last-call@ietf.org, draft-ietf-tls-oldversions-deprecate@ietf.org, tls-chairs@ietf.org, "<tls@ietf.org>" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/AlKgkeSGvBhtJZIqKiEdrJtJ86g>
Subject: Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

I haven't followed all the nuances of this discussion, but it seems to boil
down to use of "MUST NOT" when certain "EXCEPTIONS MAY" exist for private
enterprise running legacy kit, which makes decision makers anxious, since
they don't want responsibility for something they "MUST NOT" do. A solution
might be to introduce "MUST NOT...EXCEPTIONS MAY" language, thereby
allowing sectors to define their standards/principles/expectations.