Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

Ted Lemon <mellon@fugue.com> Sat, 05 December 2020 01:32 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4650B3A1009 for <tls@ietfa.amsl.com>; Fri, 4 Dec 2020 17:32:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CwFuULefE7AK for <tls@ietfa.amsl.com>; Fri, 4 Dec 2020 17:32:49 -0800 (PST)
Received: from mail-qk1-x731.google.com (mail-qk1-x731.google.com [IPv6:2607:f8b0:4864:20::731]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A26743A104E for <tls@ietf.org>; Fri, 4 Dec 2020 17:32:49 -0800 (PST)
Received: by mail-qk1-x731.google.com with SMTP id d9so7366030qke.8 for <tls@ietf.org>; Fri, 04 Dec 2020 17:32:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=content-transfer-encoding:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=w/drDPOH3tPJz/1eUYjvfFTjad2a5WfWkKCFfDdpa8E=; b=M5YaiHSgXYGRRIoE0BWGMjE0pp1jYYPuAZoYr6nu6YlOxM2mU/0lHsWhmdb1wSh+T4 9SMMnbiagvRoTPj3KNxx0BlZJpVzFLeysrGhsxWucJM1pdLD2D5NrVn9sMx9Af3gWsuf S1al9b6J1OnXyzHGyK6q6I6xhJw2DBzZYpnAVm+BRwK3vEwkCKh+WvDB3YFnpjvfaSyM EM3WfLbLgi8S/WZZ8ZqM657PWzscZBkTXCVqQd65Vy+2TU8z6uVnNS4nDNpP8vMd5miu oYRKpr6ZKQ24Ym4SH8wtKLFaCBwfXfLuIYx+7a0sJQ6JhvspNtrIKdyX/K4sAxzmd2xN /aDQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=w/drDPOH3tPJz/1eUYjvfFTjad2a5WfWkKCFfDdpa8E=; b=dJa8fqzEro2bAMJ5tYjWLlrFnkIDTw+23tgss9zKXur3gwiNqDEppMIrXOVgniL81E w2gIcbsgd6IVL40mNU1s7GOwvAr25gduaXIpjcj2/c0CIP3yOI14xzvj6iI03ll0MLJy 2/d039Ylrm0YmZPzlNfCYD3OfICIAMQjSLp3uAGPnjrwo6i0nQ4nBaUC28WN4ch4RU30 0xtdJeEYanIz7rQjOakrZp8INBrNTmiPYzwS4b/6xUXZEdwsF2m+9xhMB0LfT0fKgMy4 Q6koQ0WoJgc6dXbLSc+JjgVtw0iVP9U3xt5yypKTfMMElYDwstv0Cx1QOrqVAFYkUGJr LIIA==
X-Gm-Message-State: AOAM5311eWQWn07cHp2otvx2/svzsLcXbImuJlGWfGjb2aoyD4T8w1c9 yT2iD7i8vEj3+AxT6IQ1OGUCGg==
X-Google-Smtp-Source: ABdhPJywJfNwzTQ+IuuX6JDe8PaQd/WCvZe/mQvBEgaIXJcmELjxP75mkRN2TEr5k2kii3Cln7I0tQ==
X-Received: by 2002:a05:620a:22e7:: with SMTP id p7mr12853103qki.333.1607131968289; Fri, 04 Dec 2020 17:32:48 -0800 (PST)
Received: from [192.168.4.114] (c-24-91-177-160.hsd1.nh.comcast.net. [24.91.177.160]) by smtp.gmail.com with ESMTPSA id 60sm3090199qth.14.2020.12.04.17.32.47 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 04 Dec 2020 17:32:47 -0800 (PST)
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
From: Ted Lemon <mellon@fugue.com>
Mime-Version: 1.0 (1.0)
Date: Fri, 4 Dec 2020 20:32:46 -0500
Message-Id: <05935A0A-B503-4C77-9AB0-F82B333C7168@fugue.com>
References: <251c6be9-ce1b-b358-0c72-03a61db5a60d@foobar.org>
Cc: "Ackermann, Michael" <MAckermann@bcbsm.com>, last-call@ietf.org, tls@ietf.org
In-Reply-To: <251c6be9-ce1b-b358-0c72-03a61db5a60d@foobar.org>
To: Nick Hilliard <nick@foobar.org>
X-Mailer: iPhone Mail (18C65)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/7EVpeBg0ExRdaF0wHIBIcvV9XEs>
Subject: Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Dec 2020 01:32:51 -0000

On Dec 4, 2020, at 19:17, Nick Hilliard <nick@foobar.org> wrote:
> people don't necessarily buy stuff that's not ungradeable.  They buy stuff which has a support lifetime of finite duration.

Same thing. If you’re serious about business continuity, you have an arrangement with the vendor about what happens if they go out of business, and you have an agreement about how long support will last and what it consists of.

Of course no product has infinite lifetime, but lots of iot stuff is expected to be in the walls for 30 years. Radiology equipment lasts decades. Etc. 

It’s really natural to think of stuff you buy as being stable and solid, but when there’s software in it, this cognitive bias requires serious systems thinking to avoid.