[TLS] Re: Adoption call for TLS 1.2 Update for Long-term Support
Andrew Campling <andrew.campling@419.consulting> Wed, 20 November 2024 17:27 UTC
Return-Path: <andrew.campling@419.consulting>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 326B8C14CF1E for <tls@ietfa.amsl.com>; Wed, 20 Nov 2024 09:27:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.908
X-Spam-Level:
X-Spam-Status: No, score=-1.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=netorgft5189650.onmicrosoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QM1f0GmD_-QI for <tls@ietfa.amsl.com>; Wed, 20 Nov 2024 09:27:35 -0800 (PST)
Received: from LO3P265CU004.outbound.protection.outlook.com (mail-uksouthazon11020080.outbound.protection.outlook.com [52.101.196.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A1817C14F68F for <tls@ietf.org>; Wed, 20 Nov 2024 09:27:35 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=KtHSvjhOXIL2P/BG97R4EN5dwkd50Rp8aNMLzSw0XJq3zdAtvxV20QeuyNraa/inB/CJKAhb25yj7q1H8KwjlO36kWliTfBo1p/GLjH9gD5zvv9qcnHQkV0U+GhW1ybp/WYxOgvAqnjRKwfFNMGD2uy+q2uoRtGHO9WUPUG7fPdBFjzzoFOiFOCR/fIEyTTPGhWjY3yWw2GsISqVm50Na/x4RenobD7WvMILjoHezgRkj5TN0En9mhTUdhg+W0cjTe7yWMfIk2dkM3ctvx0WfDKhtvQL7RxSRp4AG1wVO8+Sieqtq0buWncDpKeA+EV8fm9+3UPmeyys0gUOdlDRhQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=UeaVoGUvDbqhZk/inTcq1IrgtymJ4NiaktfzXc2mqX4=; b=MgUwzcWrxN9WyYMzesh4/GkzVoYqf9z6YPRYUr9I04DKzQFK1sI2eZI4wJwZyjvyp0xtrhCybEJiPL5ZX6y76mOAD/m5WpVo6/QcdMN7al2701hvF3oa5MSXvBQH4R3x36vMEke+NVbPCKD5k3tQfit293QQqOYYoPLsOqNO3BicQdbS6xa/HD6RfxnYBZD1LyFlvd1gzqrUBKgzGjbb4E/JkTFfioCrxYwQlxn8Ag4gPB883Q710zvY2eBFeBKHRjW+sGr7Ek0ETSG/FC9A1zZMcau5Z0Uw1FJz+4pjN46BeQvIot2I0P2Gm0tZcQ92wiejHMacBa49e4RRJhQNXQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=419.consulting; dmarc=pass action=none header.from=419.consulting; dkim=pass header.d=419.consulting; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=NETORGFT5189650.onmicrosoft.com; s=selector1-NETORGFT5189650-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UeaVoGUvDbqhZk/inTcq1IrgtymJ4NiaktfzXc2mqX4=; b=TSjTXnjTz3kC8osLYkkseqnqQu1jcttBQ5NR2QUfAzKUJfO9vQ0kIs+x/tWET2CL083KmdMsYLUCgpjUCPo9CRiM5yA9sFBawAZEMc7eQZ7lZlmHSwgpQ55tmxJDVMybv0sFj/I5De6rCw+jQetwW7dv8bBSmO5X3cNKmadGIqM=
Received: from CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM (2603:10a6:400:196::5) by LO6P265MB7034.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:322::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8182.15; Wed, 20 Nov 2024 17:27:33 +0000
Received: from CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM ([fe80::f4dd:e2e2:da35:5c7e]) by CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM ([fe80::f4dd:e2e2:da35:5c7e%7]) with mapi id 15.20.8182.013; Wed, 20 Nov 2024 17:27:33 +0000
From: Andrew Campling <andrew.campling@419.consulting>
To: "Salz, Rich" <rsalz@akamai.com>, Sean Turner <sean@sn3rd.com>, TLS List <tls@ietf.org>
Thread-Topic: [TLS] Re: Adoption call for TLS 1.2 Update for Long-term Support
Thread-Index: AQHbO3F1/EPy4KodgE294dFXeYuzCw==
Date: Wed, 20 Nov 2024 17:27:32 +0000
Message-ID: <CWXP265MB5153A14B88F7E5CC94E9BF9AC2212@CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM>
References: <278163DF-0CB8-472F-84CB-0B8236FEC7C1@sn3rd.com> <231D5F24-E1AE-4F7C-9860-F6B0FF79D6FF@akamai.com>
In-Reply-To: <231D5F24-E1AE-4F7C-9860-F6B0FF79D6FF@akamai.com>
Accept-Language: en-US, en-GB
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=419.consulting;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CWXP265MB5153:EE_|LO6P265MB7034:EE_
x-ms-office365-filtering-correlation-id: b5872a06-11da-4797-7b33-08dd09889e24
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|366016|376014|38070700018;
x-microsoft-antispam-message-info: Xz+45WaCbJYarvDDQTeFxry3ZVGqW6Ol7YHD79m9eOTLgIvNsxjuiM1ep0UNZuReoLmRT2qxihLCTGqLx7Pmc2VupZ0990JznIZ2vOjxnGLl2g7mZbnTStlZTzWy7t99zUmod5/4f2OTB2cSZnl9icbZ3GVgeWqRTPOadpSHVNYJ6LhfxQSD/HDwgULJU8zu8fY+X/7loOPUG1Xa6zXM7iH+esQr/1uNsaYDn0/enA3WYTYXFHdng67K+ZwhDCfwO7bm/wXTSDtW6nyum7ukRgpMAiWMAjxy/VY96TrpD3jVocB6Jj07PqYW9dc6RptKeyT1AtlxH6XGRuqOtmH4+ij0t//YAozFZWX3/nXOhhUZTBL1SMrY6kkpPEF3nA7WE3XXgM3TqLVd/Iov3ee4rcOLgdwQAjbJvX2eLGpcR2wKXHhWs25pGphVNaLMPtLSJjG+Wn/DQGLmHW5+jwhVZFJjZiXzS4gzlPXAPGz5U21ESacgyoeYBkOE0oTvfRY2Plm6xZGYGrEVTX6qU/j+MDF/l3SHsXEDY21ZEJqrqnCbLj28ROLwmspRRhbo/AvrXy9jbbK7c7EgDtS4xhSiJFbZK0r0RJ5HnPj4Tr7JOrpjKGzhdBQXR49eceQNNRu7tjms5Zahk+IgQX7GLQfUhx+CTR6dRTQK4ugdc9IoMdu0TCw8NSb6dGj9SdCLyQ/8dIqpMcpDmyW3Z2Ag7IUHYvyFUBmXMwpRuzQl3SYeN5CSZTYuIcNwwh9ucGCcmeOKguyi74zM2OgR8KEtZi+H0BYAI/+kiuu6ICrXuwyRlxPleMxfURHGTB5tt/ZfbapS7h3IWEmyC9AO9H0hnQWf9VPUnSsvdj3TtAqqrAqzaGvrMTWPhx4TYuEo/YUGYKhjgIRsXlLRe6EOp/m3Kx2Ox+N//3mPxdVAWTyh40KPIR6sNyuFPqC8HKTHAthg7B2+bz1+hagkpqBaGRZ5v6hE41Zlebw9jvF91tL2sCqzn7JKNuieNbbUSg/oku8xnpWD1JL+pCpAHPFUy0/1/rNAua8AqrRxJI1KPmwHtgxmLFtkIv0naNPVupldHy0X3IfRW9IFH8IlfGE93rYRK7GOGafqH1NkGKDJz5/CgmjiaNrmn/eao48yayzR4Z4sCaGvnKszvCc3TLbH+yDX83DBcikvQBtgflWwnbU41egHaIrB51X2akvUvBgAX2PvC0n8yNh9Md/cqhNQ2exefZ7iSrDLnUcRnDVoc0zbhSfHV2Q+UOmD7iJsL8Po8D/z0hkBjAK7EDKhA4b2MI8OnJD1+3W1zaHduIikTOcFgskmGAE1uN7nzPllzfJcFwUlilBbB2YyoZFx2UzzmkUTv6NN59OAO07LXKWOgfvP0jLV0PE=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014)(38070700018);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: vs4xWkCtf8dQo2b1hiB1bKD8I9o/pHxZS3t1798JZX/9CWwefV9EKYSZHm2khfgVqOa6+VybIYSHq+M+OmLSiDdrgP/hEK+69/pydZYrpSnbSz4bPU3xZSdI2Lgjmu6NyLRNwFFb82aY7cnmeOoUFP0Xny5TXoOYD9SdvgEANap8q4WihTj38ZZn8vrQX6XCmaRqBs/APE742fqz4UYvL9X0RziHNBkTzHViF94mtMQ+YFwHf71L7ayheCpRunAPJzWpeDsDUHllLoFjig3mqaBVyAWm04kiQStscR1ewhRz4fGCrqFZ2geUeAgqFvr98ewlZ52rAf6YdrXwJbUrx3xiXxSR7qYuP1P1LuEM7HXktvaIWgmxURypMwUvmEEG2D822J6qEvoB2fzP9cbRjUVKoizR41NHmINgjxd1iwAFAEnx7eX2Z10adjU5qXYa9F5mlSzNTEVJBg4BlLLjUbZmebkqZh1XYCF2BD0GzKLOQhbA+Tb7coqR5ysYJzKzcTrJXYJz0K+R0cWArfo4OvgUToi6/E1Pd8O0jfXqWLjb9nDParHH4Dwh1b6pvSSts/E2xQOADfWlj5fSupIQVEPzqeP5X1hNKA5uyr8Y9w2kHusnVWDxzU7lJvdxl4qoLPUZ7vt7LEJzIidODKOIa+gjm+Crc3qKwxdCzp2U3/glbE70RqvF0YIb4oKXMLfv/3lYPIN5SZF9kHpxvNw799YVyqQS5SyaR63q+ga8bfOcjVI2uVSBviyKCoZVwGMi/hpt2oPyeXGUOrheyJYg82mCmYub1/gwp7Gwf0YwPKcXVWYLeWPV8SGKIXPy+i7fTkdr8/yEPrYDQRl5CDcHW5rQoLSFdszALBie0JNcVKUCjaNnIrbwjHD3d0Wcs/e8A4YPkZ2mHaRMSQothyRXqVtxH0SuK6mKiIx7QICYu86hhHlnvEc1Tb6RGXh9bxExIChz477dvWydtbXUwTjCK6LCiUKVM/imBFkEjfGEw1rf4svCB7x8aPX4kfUhHb7GPl0oAyrOPT4bZzzPy3pClYca+D0EM/I5frwp+iKVVWp5VzTsH6MUBPPhm9aIv45x6ugNMe5PrVTVGdXSsEIHb376keJ3+QsqC9MisHJq1fwPDj5XrbwzNFKbBgdVIMnwJ/sj3gG0xMS+VDm/VlRSlFUteiJUYCDpQeqJnwKLl8orEoNBqZ2cw3E4CLW9TM4uw4aVhCQXr8lM5bMddXYliEMFXzisNo5r3Xs/OXAtPNu7kF3B2xettFbm+5jnYmJUzE6CjdubBFBjF4+hav9lLUch7CAIB8mVLcTqrag3i5LcIy5gZ2LTTUJIP8SZ4YvEEK56LrvwGFPOVM9/r49I66Mn333m6B5LS3sm+5CFaphTFOaPrZo07Qi3MH0hSmM7baoWJ8p8U2eQIn8vNI7djE4vp/+OHqvNwLI7qRnk+UWosBqZA+cHx16dQMInEyV/m1ogQI8CuRW2TbxWDU9gCrsdzz4ZiEZiFbUP49Vu9mz4DmnT2O3S4TTVmn+F0Jn62YPzial7I26/rNHCznWQNmwlGhEatI83L7pSE0KStgRyUYXKRokCGERxoV4UodECPYP9XeIrJ3PTdCFUey3Mqg==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: 419.consulting
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: b5872a06-11da-4797-7b33-08dd09889e24
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Nov 2024 17:27:32.9748 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 9c2ced3e-7522-4755-87dc-f983abc66ec3
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: GwRii+whdEFcj1RRr/f7k9IVuv5RIdY5/uttgVBu6skHfFqL3yTSWIHuBl7oOwr9+D7W+Z2fszroiUPuNtdQPa1ohEHhCDbDQ2YmnZvpN/g=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LO6P265MB7034
Message-ID-Hash: NTR4T4AEJ3XAAIRYTV56FWB5GJNCMNO5
X-Message-ID-Hash: NTR4T4AEJ3XAAIRYTV56FWB5GJNCMNO5
X-MailFrom: andrew.campling@419.consulting
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Adoption call for TLS 1.2 Update for Long-term Support
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/5XYSUb_s2immhmCh-qw_h2mAgtg>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
+1, especially given the previous discussion on this topic on the list back in 2016. Andrew -----Original Message----- From: Salz, Rich <rsalz@akamai.com> Sent: 05 November 2024 19:01 To: Sean Turner <sean@sn3rd.com>; TLS List <tls@ietf.org> Subject: [TLS] Re: Adoption call for TLS 1.2 Update for Long-term Support I strongly support adoption. I do not understand why anyone would be opposed to the IETF making deployment recommendations. I can understand why someone might be bothered by the impliciation that *THIS ONE WAY* is the only way to get long-term support, especially if it's seen to contradict our encouragement of TLS 1.3. But that is an editorial issue that can be easily fixed. I would like to see this adopted, a short change cycle, and then advanced in the same cluster with our TLS 1.2 is frozen document.
- [TLS] Adoption call for TLS 1.2 Update for Long-t… Sean Turner
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Sean Turner
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Rob Sayre
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Alicja Kario
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Salz, Rich
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Thom Wiggers
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Peter Gutmann
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Peter Gutmann
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Viktor Dukhovni
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Christopher Wood
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Watson Ladd
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Richard Barnes
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Martin Thomson
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Peter Gutmann
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Alicja Kario
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Sean Turner
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Nick Harper
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Arnaud Taddei
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Eric Rescorla
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Peter Gutmann
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… David A. Cooper
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Peter Gutmann
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Andrew Campling
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Yaron Sheffer
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… David Benjamin
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Peter Gutmann
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Peter Gutmann
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Yaron Sheffer
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Andrew Campling
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Watson Ladd
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Salz, Rich
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Andrew Campling
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Watson Ladd
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Rob Sayre
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Peter Gutmann
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Salz, Rich
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Peter Gutmann
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Rob Sayre
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Salz, Rich
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Watson Ladd
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Alicja Kario
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Salz, Rich
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Watson Ladd
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Salz, Rich
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Watson Ladd
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Rob Sayre
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Pascal Urien
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Sean Turner
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Stephen Farrell
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Muhammad Usama Sardar
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Yaron Sheffer
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Peter Gutmann
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… David A. Cooper
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Peter Gutmann
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Bas Westerbaan
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… David A. Cooper
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Watson Ladd
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… David Benjamin
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Peter Gutmann
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Sean Turner
- [TLS] Re: Adoption call for TLS 1.2 Update for Lo… Rob Sayre