Re: [secdir] [Last-Call] Secdir telechat review of draft-ietf-uta-rfc7525bis-09

Rob Sayre <sayrer@gmail.com> Wed, 13 July 2022 19:35 UTC

References: <165766858084.5251.12485129434316295805@ietfa.amsl.com> <b24e2934-200f-4f80-5261-aa2a977da39b@stpeter.im> <CAChr6Syq+uOTJsvqWuSustq_HdTaXCtDepyCuRWx+jGoEB06Fw@mail.gmail.com> <CAChr6SzkAmbjGK4XOwPkSwssLoG4NW1yG-6b2aFdFr43yF2zwQ@mail.gmail.com> <c516d0e4-f477-a4fb-2638-3615434f48f2@stpeter.im>
In-Reply-To: <c516d0e4-f477-a4fb-2638-3615434f48f2@stpeter.im>
From: Rob Sayre <sayrer@gmail.com>
Date: Wed, 13 Jul 2022 12:35:21 -0700
Message-ID: <CAChr6SwgwknvgAycr6s=6tCRQZoZdiJxRXJpoTejEcW7g+bv=A@mail.gmail.com>
To: Peter Saint-Andre <stpeter@stpeter.im>
Cc: Benjamin Kaduk <kaduk@mit.edu>, secdir@ietf.org, draft-ietf-uta-rfc7525bis.all@ietf.org, last-call@ietf.org, uta@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/eg7oX8T6bHqvvhD_GDj6JOMpe_4>
Subject: Re: [secdir] [Last-Call] Secdir telechat review of draft-ietf-uta-rfc7525bis-09

On Wed, Jul 13, 2022 at 12:26 PM Peter Saint-Andre <stpeter@stpeter.im>
wrote:

>
> Are you suggesting that the best current practice for implementations
> and deployments of TLS is to support and negotiate only TLS 1.3? The
> sense of the UTA WG was it's premature to say that currently, although
> presumably we'll be ready to say that in 7525ter...
>

It is definitely the "BCP" already--there are good reasons not to support
TLS 1.2 on a server, and good reasons for clients not to connect to a
server that negotiates it.

My opinion is that the document should outline the compatibility problems
that will occur if you don't support TLS 1.2, but not mandate support with
2119 words.

thanks,
Rob