Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

"Salz, Rich" <rsalz@akamai.com> Tue, 01 December 2020 15:21 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CE5A33A1386; Tue, 1 Dec 2020 07:21:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4JG4EvXdKoc8; Tue, 1 Dec 2020 07:21:15 -0800 (PST)
Received: from mx0b-00190b01.pphosted.com (mx0b-00190b01.pphosted.com [IPv6:2620:100:9005:57f::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6CAA93A0C43; Tue, 1 Dec 2020 07:21:14 -0800 (PST)
Received: from pps.filterd (m0050096.ppops.net [127.0.0.1]) by m0050096.ppops.net-00190b01. (8.16.0.43/8.16.0.43) with SMTP id 0B1FFl4n022028; Tue, 1 Dec 2020 15:21:07 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=jan2016.eng; bh=hhyAwo1vTPRz/eZHt30xdECHx9bCquQon6wEYfiSwP0=; b=ORSTDPDcFYBj0CZAZjLUuAfbPQ91Lz24bVIfe3A/ZWTZeKQEtc5w+c+6k6Du/Vm7D+zd 2u2s/a0EWYa5J8YcBQDX0njzdw1v5ksN7zZ8ODVldiX2YYuKhg+iLgRB69PQH39pdstX N4/VLWYF1ecKwzRQJZpGpNjIyfxIkT2zi3glQODZBSHSoMJUN3+3jlVnvXaMoOkSLZW5 BaY5FOoJBDUKyUTTmDzdfj/MTHNlWZdxp9fnMW8N0NId8QZRkRhPSaxBy8sMbQShjyWs g+mBOHNDhqzSnK+nOnrxtj7HPl1HoEvKb9YgReWdPqHZI/jFJxt4KXXAoipDjeEacOb+ LQ==
Received: from prod-mail-ppoint3 (a72-247-45-31.deploy.static.akamaitechnologies.com [72.247.45.31] (may be forged)) by m0050096.ppops.net-00190b01. with ESMTP id 353fum7n92-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 01 Dec 2020 15:21:07 +0000
Received: from pps.filterd (prod-mail-ppoint3.akamai.com [127.0.0.1]) by prod-mail-ppoint3.akamai.com (8.16.0.42/8.16.0.42) with SMTP id 0B1FJFxt024356; Tue, 1 Dec 2020 10:21:06 -0500
Received: from email.msg.corp.akamai.com ([172.27.165.116]) by prod-mail-ppoint3.akamai.com with ESMTP id 353js2dkm5-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 01 Dec 2020 10:21:06 -0500
Received: from USTX2EX-DAG1MB1.msg.corp.akamai.com (172.27.165.119) by ustx2ex-dag1mb4.msg.corp.akamai.com (172.27.165.122) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 1 Dec 2020 09:21:05 -0600
Received: from USTX2EX-DAG1MB1.msg.corp.akamai.com ([172.27.165.119]) by ustx2ex-dag1mb1.msg.corp.akamai.com ([172.27.165.119]) with mapi id 15.00.1497.008; Tue, 1 Dec 2020 09:21:05 -0600
From: "Salz, Rich" <rsalz@akamai.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>, "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>, "research@bensmyth.com" <research@bensmyth.com>
CC: "last-call@ietf.org" <last-call@ietf.org>, "<tls@ietf.org>" <tls@ietf.org>
Thread-Topic: [Last-Call] [TLS] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice
Thread-Index: AQHWx/F6pS7poEHxYEOmbTHrxiu0Mqnia7wA
Date: Tue, 01 Dec 2020 15:21:04 +0000
Message-ID: <2803EB0E-42F2-41F1-853F-1AD2F4AFD53D@akamai.com>
References: <160496076356.8063.5138064792555453422@ietfa.amsl.com> <49d045a3-db46-3250-9587-c4680ba386ed@network-heretics.com> <b5314e17-645a-22ea-3ce9-78f208630ae1@cs.tcd.ie> <1606782600388.62069@cs.auckland.ac.nz> <0b72b2aa-73b6-1916-87be-d83e9d0ebd09@cs.tcd.ie> <CA+_8xu2V7ZD9jmSH3t=yQua2WO=DjGYAgs196Xc2ba5UtOX29w@mail.gmail.com> <6E6E30C2-21FA-450E-A133-03FA80AB424C@akamai.com> <1606834252382.9367@cs.auckland.ac.nz>
In-Reply-To: <1606834252382.9367@cs.auckland.ac.nz>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.43.20110804
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.27.164.43]
Content-Type: text/plain; charset="utf-8"
Content-ID: <2271D77F5592C942A12661D90F5C701F@akamai.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.312, 18.0.737 definitions=2020-12-01_07:2020-11-30, 2020-12-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 bulkscore=0 adultscore=0 malwarescore=0 mlxlogscore=947 phishscore=0 mlxscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2012010098
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.312, 18.0.737 definitions=2020-12-01_07:2020-11-30, 2020-12-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 malwarescore=0 suspectscore=0 bulkscore=0 impostorscore=0 lowpriorityscore=0 spamscore=0 adultscore=0 mlxlogscore=863 priorityscore=1501 mlxscore=0 clxscore=1015 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2012010098
X-Agari-Authentication-Results: mx.akamai.com; spf=${SPFResult} (sender IP is 72.247.45.31) smtp.mailfrom=rsalz@akamai.com smtp.helo=prod-mail-ppoint3
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/8vign5H0B8EO1nQfCO5UDMNV3dg>
Subject: Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Dec 2020 15:21:17 -0000

>    And how will the people who can ignore it know that it's OK for them to do so?

Well, frankly, that's not our problem.  If someone is going to blindly insist on RFC conformance and doesn't recognize the wording that says "might not apply to you" ... well, so be it.

I am more concerned about someone see the "this only applies if you ..." and being wrong.  Or taking a SCADA system and after a couple years it's now "in the cloud." 

Our goal is to make the Internet work better.