Re: [OAUTH-WG] Referencing TLS
John Bradley <ve7jtb@ve7jtb.com> Fri, 03 April 2015 19:40 UTC
Return-Path: <ve7jtb@ve7jtb.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 62EB21A0191 for <oauth@ietfa.amsl.com>; Fri, 3 Apr 2015 12:40:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V5QOPrOCBNKp for <oauth@ietfa.amsl.com>; Fri, 3 Apr 2015 12:40:22 -0700 (PDT)
Received: from mail-qc0-f174.google.com (mail-qc0-f174.google.com [209.85.216.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8588C1A01E7 for <oauth@ietf.org>; Fri, 3 Apr 2015 12:40:22 -0700 (PDT)
Received: by qcay5 with SMTP id y5so94749264qca.1 for <oauth@ietf.org>; Fri, 03 Apr 2015 12:40:21 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:content-type:content-transfer-encoding:from :mime-version:subject:date:message-id:references:cc:in-reply-to:to; bh=d0dmz9qQouzacJORJzHGmlC5Mx5Xxm76Ve+w0ZkJgHU=; b=IJlpBWKs3jimBl/J97BpkF3C5QctHkGpJDev7XdUet5rac75ndc73K70lJx48ArcTz LD8I41MQ5EFt2ff0Ci1CLLu4jsLgUy+9j7OVOy9HVmKGPH0lF7ZHKEdCwgXOa2l2syl5 g3AdmOTrDrsesmqAVmBrOXE8yVT/XY9RHSncDKKvnESXgnLIU2UyRIIkqdOjOnjyDp6m wPM/iumZzAnjm314M+dpyz0mweBnrW/t9l31MHMI2sgaKXZCh+OzQvO4CwdcGTm5hlOn ResjgqQMCaAV3jV7wRGOsKoMu/hkz67hqNAWCRFIpK22BMZv9CsiLYBznBFl61svepGo tTvQ==
X-Gm-Message-State: ALoCoQmWTT3Lab+lEX/3n/RZazk7ILX9ej/D+OWjsefu+kxJbJzbEqRB/Eghr8JSCAxT6DYGjnpW
X-Received: by 10.55.31.167 with SMTP id n39mr7116966qkh.59.1428090021562; Fri, 03 Apr 2015 12:40:21 -0700 (PDT)
Received: from [192.168.1.36] (181-163-96-231.baf.movistar.cl. [181.163.96.231]) by mx.google.com with ESMTPSA id p8sm6259650qha.20.2015.04.03.12.40.20 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 03 Apr 2015 12:40:20 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
From: John Bradley <ve7jtb@ve7jtb.com>
Mime-Version: 1.0 (1.0)
Date: Fri, 03 Apr 2015 16:16:20 -0300
Message-Id: <C8F7F75D-A2B9-48DB-A438-9FDF8E4051EC@ve7jtb.com>
References: <551DADCB.9040803@cs.tcd.ie> <551ED488.7000101@gmx.net>
In-Reply-To: <551ED488.7000101@gmx.net>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
X-Mailer: iPhone Mail (12D508)
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/qZK0a7z9ZJ0_E6KwVtDy3bgslyI>
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Referencing TLS
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Apr 2015 19:40:24 -0000
Yes it is good, though reading that BCP may scare off implementers who will just ignore it. We may still want to give the current advice of >= tls 1.2 at the point of publication see BCP xx for additional considerations. John B. Sent from my iPhone > On Apr 3, 2015, at 2:57 PM, Hannes Tschofenig <hannes.tschofenig@gmx.net> wrote: > > I learned something new: we can reference a BCP (instead of an RFC) and > even if the RFC gets up-dated we will still have a stable reference. > (See Stephen's response to my question below). > > This is what we should do for our documents when we reference TLS in the > future. We would reference the yet-to-become BCP (currently UTA-TLS > document) and we essentially point to the recommended usage for TLS > (version, ciphersuite, everything). > > Isn't that great? > > -------------------------------------------------------- > >> On 02/04/15 19:09, Hannes Tschofenig wrote: >> Hi Stephen, >> >> if I understand it correctly, you are saying if we reference a BCP # >> (instead of the RFC) then a revised RFC will get the same BCP #. I have >> never heard about that and if that's indeed true that would be cool. I >> might also have misunderstood your idea though. > > Yep, that's it. XML2RFC makes it hard but you can do it, worst > case via an RFC editor note > > S. > > > > > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
- [OAUTH-WG] Referencing TLS Hannes Tschofenig
- Re: [OAUTH-WG] Referencing TLS Hannes Tschofenig
- Re: [OAUTH-WG] Referencing TLS John Bradley
- Re: [OAUTH-WG] Referencing TLS Kathleen Moriarty
- Re: [OAUTH-WG] Referencing TLS Leif Johansson
- Re: [OAUTH-WG] Referencing TLS John Bradley
- Re: [OAUTH-WG] Referencing TLS Justin Richer
- Re: [OAUTH-WG] Referencing TLS Leif Johansson