Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

Peter Gutmann <pgut001@cs.auckland.ac.nz> Tue, 01 December 2020 09:30 UTC

Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A63E53A0E4B for <tls@ietfa.amsl.com>; Tue, 1 Dec 2020 01:30:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.917
X-Spam-Level:
X-Spam-Status: No, score=-1.917 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 99PIcjuyKk7J for <tls@ietfa.amsl.com>; Tue, 1 Dec 2020 01:30:24 -0800 (PST)
Received: from au-smtp-delivery-117.mimecast.com (au-smtp-delivery-117.mimecast.com [124.47.189.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 903433A0FBB for <tls@ietf.org>; Tue, 1 Dec 2020 01:30:17 -0800 (PST)
Received: from AUS01-ME3-obe.outbound.protection.outlook.com (mail-me3aus01lp2238.outbound.protection.outlook.com [104.47.71.238]) (Using TLS) by relay.mimecast.com with ESMTP id au-mta-25-0ODRE6ljNJCCppen1FHMrQ-1; Tue, 01 Dec 2020 20:29:07 +1100
X-MC-Unique: 0ODRE6ljNJCCppen1FHMrQ-1
Received: from PS2PR06CA0013.apcprd06.prod.outlook.com (2603:1096:300:56::25) by SYBPR01MB4219.ausprd01.prod.outlook.com (2603:10c6:10:54::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3611.25; Tue, 1 Dec 2020 09:29:05 +0000
Received: from PU1APC01FT004.eop-APC01.prod.protection.outlook.com (2603:1096:300:56:cafe::a1) by PS2PR06CA0013.outlook.office365.com (2603:1096:300:56::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3611.20 via Frontend Transport; Tue, 1 Dec 2020 09:29:04 +0000
X-MS-Exchange-Authentication-Results: spf=none (sender IP is 130.216.95.224) smtp.mailfrom=cs.auckland.ac.nz; ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=cs.auckland.ac.nz
Received: from uxcn13-tdc-e.UoA.auckland.ac.nz (130.216.95.224) by PU1APC01FT004.mail.protection.outlook.com (10.152.252.98) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.3611.23 via Frontend Transport; Tue, 1 Dec 2020 09:29:04 +0000
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz (10.6.2.5) by uxcn13-tdc-e.UoA.auckland.ac.nz (10.6.3.9) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 1 Dec 2020 22:29:02 +1300
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.5]) by uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.5]) with mapi id 15.00.1497.007; Tue, 1 Dec 2020 22:29:02 +1300
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Keith Moore <moore@network-heretics.com>, "last-call@ietf.org" <last-call@ietf.org>
CC: "draft-ietf-tls-oldversions-deprecate@ietf.org" <draft-ietf-tls-oldversions-deprecate@ietf.org>, "tls-chairs@ietf.org" <tls-chairs@ietf.org>, "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [Last-Call] [TLS] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice
Thread-Index: AQHWtuemkBcnxjhwjkukZnBJ0gfqXKnb932AgAD1RoCABJdrIf//K3OAgAFq8mY=
Date: Tue, 1 Dec 2020 09:29:01 +0000
Message-ID: <1606814941532.76373@cs.auckland.ac.nz>
References: <160496076356.8063.5138064792555453422@ietfa.amsl.com> <49d045a3-db46-3250-9587-c4680ba386ed@network-heretics.com> <b5314e17-645a-22ea-3ce9-78f208630ae1@cs.tcd.ie> <1606782600388.62069@cs.auckland.ac.nz>, <0b72b2aa-73b6-1916-87be-d83e9d0ebd09@cs.tcd.ie>
In-Reply-To: <0b72b2aa-73b6-1916-87be-d83e9d0ebd09@cs.tcd.ie>
Accept-Language: en-NZ, en-GB, en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [130.216.158.4]
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: a0cd815a-c227-46fb-3369-08d895db8b9b
X-MS-TrafficTypeDiagnostic: SYBPR01MB4219:
X-Microsoft-Antispam-PRVS: <SYBPR01MB42198D26A9CBBB90CB955394EEF40@SYBPR01MB4219.ausprd01.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0
X-Microsoft-Antispam-Message-Info: 991YaWDKRfWvFQdWnbL0YrKLhKDh8t5flD0oXSWRrt26EhOxF9zZBc1DjqKfNkv2eEXU0IcnDKnyjldp38wmSgfttpyNvNNCaTKBTH2I3xu3tGAmholGUIbGKtjsStyqHgGBrkUXiMiH+rUZpHqS/s2zcQZbxy41ofejwlAexrLeralRAJ/biNUDD886tV8H13K1j/OA2FLTCMPSW9hOINzIkiXe3q/PSjuMHKRSAA/hcz/40Bwbm/aJaz0FYIpBOfxkNEh99ogSYSkM8SlVh0sjbit92jcgTHZuJZ7xgd/OBDPsJllxjGX1vAnrC7mfoEhCM5wajLZjBkoyXeYXe8LRZygMWc95K6Dlmg7j9dbHEmUDSqHTG36i+dyyjLGectEuIxvCrksZQ/Nhe0/I8w==
X-Forefront-Antispam-Report: CIP:130.216.95.224; CTRY:NZ; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:uxcn13-tdc-e.UoA.auckland.ac.nz; PTR:natgate2-1.auckland.ac.nz; CAT:NONE; SFS:(4636009)(346002)(396003)(376002)(39860400002)(136003)(46966005)(26005)(7636003)(66574015)(186003)(478600001)(86362001)(70206006)(82740400003)(5660300002)(47076004)(70586007)(2616005)(4744005)(336012)(54906003)(786003)(110136005)(316002)(8676002)(2906002)(8936002)(4326008)(356005)(82310400003)(36906005); DIR:OUT; SFP:1101
X-OriginatorOrg: cs.auckland.ac.nz
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Dec 2020 09:29:04.1627 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: a0cd815a-c227-46fb-3369-08d895db8b9b
X-MS-Exchange-CrossTenant-Id: d1b36e95-0d50-42e9-958f-b63fa906beaa
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=d1b36e95-0d50-42e9-958f-b63fa906beaa; Ip=[130.216.95.224]; Helo=[uxcn13-tdc-e.UoA.auckland.ac.nz]
X-MS-Exchange-CrossTenant-AuthSource: PU1APC01FT004.eop-APC01.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SYBPR01MB4219
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: cs.auckland.ac.nz
Content-Language: en-NZ
Content-Type: text/plain; charset=WINDOWS-1252
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/7F6hIh10HkQ-AZzfSEkOTLps55M>
Subject: Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Dec 2020 09:30:26 -0000

Stephen Farrell <stephen.farrell@cs.tcd.ie> writes:

>That said, if someone had words to suggest that might garner consensus, that
>would be good.

I think all it needs is something along the lines of "This BCP applies to TLS
as used on the public Internet [Not part of the text but meaning the area that
the IETF creates standards for].  Since TLS has been adopted in a large number
of areas outside of this, considerations for use in these areas are left to
relevant standards bodies to define".

Peter.