Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice
Ted Lemon <mellon@fugue.com> Wed, 02 December 2020 19:46 UTC
Return-Path: <mellon@fugue.com>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 31F123A13A1 for <last-call@ietfa.amsl.com>; Wed, 2 Dec 2020 11:46:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.887
X-Spam-Level:
X-Spam-Status: No, score=-1.887 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, T_SPF_TEMPERROR=0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YJzz96zU4DaQ for <last-call@ietfa.amsl.com>; Wed, 2 Dec 2020 11:46:33 -0800 (PST)
Received: from mail-qv1-xf35.google.com (mail-qv1-xf35.google.com [IPv6:2607:f8b0:4864:20::f35]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8D76E3A1541 for <last-call@ietf.org>; Wed, 2 Dec 2020 11:46:33 -0800 (PST)
Received: by mail-qv1-xf35.google.com with SMTP id ec16so1307173qvb.0 for <last-call@ietf.org>; Wed, 02 Dec 2020 11:46:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=adrefePpypqJ67xKfgb9T1A8OcJzklCIAxPWEj0O0+g=; b=DeogPUzaPpl6ik/nNHPd/bvhwsK3JirvqEj6wPb7WnZEhD6lnd7sGwGPvtCnUxmFGK 0R5YbgrMn5WLKb3rUesjN99T8mCXdnPeDW16iyz4Uh9XWTevLx6suF2fqVZd/oKYUUzR tCKc2Bei8tDZ9Jhk8pv3ujXiHuQiACXwIi6CHI4uzudCnskiE0x+GfM7w/486VLVwGPh 0Az71mmmM7IY1pTPLfZ/cemCIxANvdC99vMy0hpb/eU/h8FtblaMg+HBBXcZ4ME5uCzF xC6vHOr+uuW8p8Juz12lvuG5BUe3Zfb3WYQTxQnI1ov5h9EuDKVOofMaFYMHZxx6f40L 6IIw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=adrefePpypqJ67xKfgb9T1A8OcJzklCIAxPWEj0O0+g=; b=WoTEPtZLuBVmy8/6gCsB456XtMMi/qH+Jb1LLEKhn1QtL5Rdyr1wGS8FCCoW5PjVm8 Xi2OAdJDWKXIs/3d2Vk1fx4uuQB7rjW0uTOSgZRRcdwuK3ULMxCCvRDiygkupT6FW8A5 F7uCyEVZrOMLwY5MZV+94cQxFMmBJw00AUNX2cESwu/Ip46FO1iOAWbxMasYDy1mNPFA Qd97NJzxUCi792Xylyd3fq/mWGnJ/PUtOaNvQ7GeCO40LeWZPuHvD6sgtg7m31JpV+Wb aMOypnwMsll66R84/EYwbz9KiwAg73PYG+P9CxNAUVhJmsIg1ERbRFXZyKsWEfG+rj1A 7hAw==
X-Gm-Message-State: AOAM532X+oQb+hllFP3rmtiZdm6BVf1yTLGaZSjCNp4+IBJp+WfgctPQ VlOYte6/pWYmx2fNXxVq5JtZgQ==
X-Google-Smtp-Source: ABdhPJwsREsima4wWuWU5wPB6k/DhyzJnLb5QZa6m8m5v0epr0kgsUVbGrLWeqmc2MtFcVDUNF6Ohw==
X-Received: by 2002:a0c:b8ae:: with SMTP id y46mr4208807qvf.51.1606938392153; Wed, 02 Dec 2020 11:46:32 -0800 (PST)
Received: from mithrandir.lan (c-24-91-177-160.hsd1.ma.comcast.net. [24.91.177.160]) by smtp.gmail.com with ESMTPSA id w9sm2894190qti.45.2020.12.02.11.46.30 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 02 Dec 2020 11:46:31 -0800 (PST)
From: Ted Lemon <mellon@fugue.com>
Message-Id: <5D733BFE-33D4-4062-BE11-69F68AA479C8@fugue.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_C8CA741B-8EDC-4925-8605-52BC42FFE95B"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.40.0.2.32\))
Date: Wed, 02 Dec 2020 14:46:30 -0500
In-Reply-To: <SN6PR02MB4512CBA9E4BF6AAC778BC674C3F30@SN6PR02MB4512.namprd02.prod.outlook.com>
Cc: "Ackermann, Michael" <MAckermann@bcbsm.com>, Eliot Lear <lear=40cisco.com@dmarc.ietf.org>, Peter Gutmann <pgut001@cs.auckland.ac.nz>, "draft-ietf-tls-oldversions-deprecate@ietf.org" <draft-ietf-tls-oldversions-deprecate@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "tls@ietf.org" <tls@ietf.org>, "tls-chairs@ietf.org" <tls-chairs@ietf.org>
To: "STARK, BARBARA H" <bs7652@att.com>
References: <160496076356.8063.5138064792555453422@ietfa.amsl.com> <49d045a3-db46-3250-9587-c4680ba386ed@network-heretics.com> <b5314e17-645a-22ea-3ce9-78f208630ae1@cs.tcd.ie> <1606782600388.62069@cs.auckland.ac.nz> <0b72b2aa-73b6-1916-87be-d83e9d0ebd09@cs.tcd.ie> <1606814941532.76373@cs.auckland.ac.nz> <36C74BF4-FF8A-4E79-B4C8-8A03BEE94FCE@cisco.com> <SN6PR02MB4512D55EC7F4EB00F5338631C3F40@SN6PR02MB4512.namprd02.prod.outlook.com> <1606905858825.10547@cs.auckland.ac.nz> <EEFAB41B-1307-4596-8A2E-11BF8C1A2330@cisco.com> <BYAPR14MB31763782200348F502A70DA4D7F30@BYAPR14MB3176.namprd14.prod.outlook.com> <SN6PR02MB4512B95842251AE4C04B199CC3F30@SN6PR02MB4512.namprd02.prod.outlook.com> <BYAPR14MB31765FD24F4DFD90F81AEE2BD7F30@BYAPR14MB3176.namprd14.prod.outlook.com> <SN6PR02MB4512CBA9E4BF6AAC778BC674C3F30@SN6PR02MB4512.namprd02.prod.outlook.com>
X-Mailer: Apple Mail (2.3654.40.0.2.32)
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/hFcxccZXCjI4UGvD8AutzXhN-8M>
Subject: Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Dec 2020 19:46:35 -0000
On Dec 2, 2020, at 1:51 PM, STARK, BARBARA H <bs7652@att.com> wrote: > The final version of this was published over a year ago (August 2019). The first draft was in 2017. > You said enterprises needed 1-2 years (or more) lead time. In the US, I think they've had at least 3 years lead time, so far. Actually, when we had this conversation in Prague in 2017 (admittedly, at the time we were talking about the TLS 1.3 transition), Michael mentioned that he’d been asking for extensions for PCI compliance in the transition to TLS 1.2. IIRC the requirements had been announced at least five years prior, although I don’t remember the precise details. So the point is, this was something that any industry that processes credit cards has known about and had as a burning issue for much longer than 1-2 years.
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… tom petch
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Stephen Farrell
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… tom petch
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Stephen Farrell
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Sean Turner
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Stephen Farrell
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… RFC ISE (Adrian Farrel)
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Stephen Farrell
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Keith Moore
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Eric Rescorla
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Keith Moore
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Eric Rescorla
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Keith Moore
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Eric Rescorla
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Keith Moore
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Eliot Lear
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Martin Duke
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Keith Moore
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Keith Moore
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Salz, Rich
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Salz, Rich
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Eliot Lear
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Salz, Rich
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Olle E. Johansson
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… STARK, BARBARA H
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Blumenthal, Uri - 0553 - MITLL
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… STARK, BARBARA H
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Eliot Lear
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Eliot Lear
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Keith Moore
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Salz, Rich
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Salz, Rich
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… STARK, BARBARA H
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Bill Frantz
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Eliot Lear
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Joe Abley
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… STARK, BARBARA H
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Gary Gapinski
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Watson Ladd
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… STARK, BARBARA H
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… BRUNGARD, DEBORAH A
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Rob Sayre
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Rob Sayre
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ben Smyth
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Rob Sayre
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… BRUNGARD, DEBORAH A
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… tom petch
- [Last-Call] Next steps on Deprecation/Obsolescenc… Eliot Lear
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Rob Sayre
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Eliot Lear
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Ackermann, Michael
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Eric Rescorla
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Nick Hilliard
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Rob Sayre
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Nick Hilliard
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Christian de Larrinaga
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Salz, Rich
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Kathleen Moriarty
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Kathleen Moriarty
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Kathleen Moriarty
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Kathleen Moriarty
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Michael Richardson
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Eric Rescorla
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Ted Lemon
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Eliot Lear
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Stewart Bryant
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Ted Lemon
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Christian de Larrinaga
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Kathleen Moriarty
- [Last-Call] How old is too old and what this mean… Eliot Lear
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Michael Richardson
- Re: [Last-Call] Next steps on Deprecation/Obsoles… Rob Sayre
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-… Keith Moore
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Stephen Farrell
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… tom petch
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… tom petch
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… Stephen Farrell
- Re: [Last-Call] Last Call: <draft-ietf-tls-oldver… tom petch