Re: [TLS] I-D Action: draft-ietf-tls-oldversions-deprecate-01.txt
Julien ÉLIE <julien@trigofacile.com> Thu, 07 March 2019 20:43 UTC
Return-Path: <julien@trigofacile.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E38412867B for <tls@ietfa.amsl.com>; Thu, 7 Mar 2019 12:43:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.121
X-Spam-Level:
X-Spam-Status: No, score=-1.121 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_NEUTRAL=0.779] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dhc0CXjCfsN8 for <tls@ietfa.amsl.com>; Thu, 7 Mar 2019 12:42:57 -0800 (PST)
Received: from denver.dinauz.org (denver.dinauz.org [IPv6:2001:41d0:8:730b::1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E1BF4126C87 for <tls@ietf.org>; Thu, 7 Mar 2019 12:42:56 -0800 (PST)
Received: from localhost (localhost.localdomain [127.0.0.1]) by denver.dinauz.org (Postfix) with ESMTP id 0B02A6046B; Thu, 7 Mar 2019 21:42:55 +0100 (CET)
Received: from denver.dinauz.org ([127.0.0.1]) by localhost (denver.dinauz.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LFNzCXKnBLqT; Thu, 7 Mar 2019 21:42:54 +0100 (CET)
Received: from macbook-pro-de-julien-elie.home (2a01cb0800a7750064400e08ce7827f8.ipv6.abo.wanadoo.fr [IPv6:2a01:cb08:a7:7500:6440:e08:ce78:27f8]) by denver.dinauz.org (Postfix) with ESMTPSA id D48D86008F; Thu, 7 Mar 2019 21:42:54 +0100 (CET)
To: tls@ietf.org
References: <154165491176.26419.11906807559515385277@ietfa.amsl.com> <62386296-c674-44ef-65b0-e3ced823eb92@cs.tcd.ie>
From: Julien ÉLIE <julien@trigofacile.com>
Organization: TrigoFACILE -- http://www.trigofacile.com/
Message-ID: <b5a4aa40-d169-cc26-afa5-2600274fdbcb@trigofacile.com>
Date: Thu, 07 Mar 2019 21:42:53 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:60.0) Gecko/20100101 Thunderbird/60.5.0
MIME-Version: 1.0
In-Reply-To: <62386296-c674-44ef-65b0-e3ced823eb92@cs.tcd.ie>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: fr
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/7bftbV66B1l9DGI_reqK6CMBefE>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-oldversions-deprecate-01.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Mar 2019 20:43:00 -0000
Hi Stephen,
> This version attempts to make the few changes discussed
> at the meeting on Monday. I wrote a script that gave me
> a list of 76(!) RFCs this might need to update, and may
> of course have mucked that up, so if anyone has a chance
> to check if (some of) those make sense, that'd be great.
I believe updating RFC 4642 (TLS with NNTP) is useless because this RFC
has already been updated by RFC 8143.
In RFC 8143:
A.6. Related to Other Obsolete Wording
The first two sentences of the seventh paragraph in Section 2.2.2 of
[RFC4642] are removed. There is no special requirement for NNTP with
regard to TLS Client Hello messages. Section 7.4.1.2 and Appendix E
of [RFC5246] apply.
That is to say, the following sentences in RFC 4642 are no longer relevant:
Servers MUST be able to understand backwards-compatible TLS Client
Hello messages (provided that client_version is TLS 1.0 or later),
and clients MAY use backwards-compatible Client Hello messages.
Neither clients nor servers are required to actually support Client
Hello messages for anything other than TLS 1.0.
That's why I suggest draft-ietf-tls-oldversions-deprecate does not
update RFC 4642. It is no longer useful.
Are you OK with this analysis?
--
Julien ÉLIE
« Le rire est une chose sérieuse avec laquelle il ne faut pas
plaisanter. » (Raymond Devos)
- [TLS] I-D Action: draft-ietf-tls-oldversions-depr… internet-drafts
- Re: [TLS] I-D Action: draft-ietf-tls-oldversions-… Stephen Farrell
- Re: [TLS] I-D Action: draft-ietf-tls-oldversions-… Hubert Kario
- Re: [TLS] I-D Action: draft-ietf-tls-oldversions-… Stephen Farrell
- Re: [TLS] I-D Action: draft-ietf-tls-oldversions-… Martin Thomson
- Re: [TLS] I-D Action: draft-ietf-tls-oldversions-… Julien ÉLIE
- Re: [TLS] I-D Action: draft-ietf-tls-oldversions-… Stephen Farrell
- Re: [TLS] I-D Action: draft-ietf-tls-oldversions-… Julien ÉLIE
- Re: [TLS] I-D Action: draft-ietf-tls-oldversions-… Stephen Farrell
- Re: [TLS] I-D Action: draft-ietf-tls-oldversions-… Julien ÉLIE
- Re: [TLS] I-D Action: draft-ietf-tls-oldversions-… John Mattsson
- Re: [TLS] I-D Action: draft-ietf-tls-oldversions-… Stephen Farrell
- Re: [TLS] I-D Action: draft-ietf-tls-oldversions-… John Mattsson
- Re: [TLS] I-D Action: draft-ietf-tls-oldversions-… Stephen Farrell