Re: [rtcweb] draft-ietf-rtcweb-security-arch-09: DTLS 1.2 only?

Martin Thomson <martin.thomson@gmail.com> Mon, 05 May 2014 23:47 UTC

In-Reply-To: <4116cc72bf7f4194ba096afc12d4e0df@BL2PR03MB419.namprd03.prod.outlook.com>
References: <99c75200c5e742b5946ec8e0a850e13d@BY2PR03MB427.namprd03.prod.outlook.com> <4116cc72bf7f4194ba096afc12d4e0df@BL2PR03MB419.namprd03.prod.outlook.com>
Date: Mon, 5 May 2014 16:47:22 -0700
Message-ID: <CABkgnnW5F9EQNC4pe1Ni3G7ohjXrHYFXY3jJvuKBWghNM46Mzg@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Andrei Popov <Andrei.Popov@microsoft.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/AJhOv45f6n7Us_haKaA_ah-2S_U
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>

On 5 May 2014 15:38, Andrei Popov <Andrei.Popov@microsoft.com> wrote:
> Just to confirm: does everyone think it’s a good idea to require the use of
> DTLS 1.2?

I'll note that Firefox currently doesn't comply with this requirement.
We currently only negotiate DTLS 1.0 (i.e., datagram TLS 1.1).  We
should be conformant with this shortly.  (Assuming of course that this
doesn't change.)