Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice
Peter Gutmann <pgut001@cs.auckland.ac.nz> Wed, 02 December 2020 10:44 UTC
Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4899D3A0E85 for <tls@ietfa.amsl.com>; Wed, 2 Dec 2020 02:44:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.917
X-Spam-Level:
X-Spam-Status: No, score=-1.917 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r9tKOlZemQ7n for <tls@ietfa.amsl.com>; Wed, 2 Dec 2020 02:44:31 -0800 (PST)
Received: from au-smtp-delivery-117.mimecast.com (au-smtp-delivery-117.mimecast.com [180.189.28.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E4B173A12B1 for <tls@ietf.org>; Wed, 2 Dec 2020 02:44:30 -0800 (PST)
Received: from AUS01-SY4-obe.outbound.protection.outlook.com (mail-sy4aus01lp2173.outbound.protection.outlook.com [104.47.71.173]) (Using TLS) by relay.mimecast.com with ESMTP id au-mta-25-FFsdkNoEMkmeg73U-7dL-w-1; Wed, 02 Dec 2020 21:44:25 +1100
X-MC-Unique: FFsdkNoEMkmeg73U-7dL-w-1
Received: from HK2PR0401CA0014.apcprd04.prod.outlook.com (2603:1096:202:2::24) by SYBPR01MB5113.ausprd01.prod.outlook.com (2603:10c6:10:10::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3611.25; Wed, 2 Dec 2020 10:44:22 +0000
Received: from HK2APC01FT013.eop-APC01.prod.protection.outlook.com (2603:1096:202:2:cafe::53) by HK2PR0401CA0014.outlook.office365.com (2603:1096:202:2::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3632.17 via Frontend Transport; Wed, 2 Dec 2020 10:44:21 +0000
X-MS-Exchange-Authentication-Results: spf=none (sender IP is 130.216.95.224) smtp.mailfrom=cs.auckland.ac.nz; ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=cs.auckland.ac.nz
Received: from uxcn13-tdc-e.UoA.auckland.ac.nz (130.216.95.224) by HK2APC01FT013.mail.protection.outlook.com (10.152.248.160) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.3632.17 via Frontend Transport; Wed, 2 Dec 2020 10:44:20 +0000
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz (10.6.2.5) by uxcn13-tdc-e.UoA.auckland.ac.nz (10.6.3.9) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 2 Dec 2020 23:44:19 +1300
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.5]) by uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.5]) with mapi id 15.00.1497.007; Wed, 2 Dec 2020 23:44:19 +1300
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: "STARK, BARBARA H" <bs7652@att.com>, 'Eliot Lear' <lear=40cisco.com@dmarc.ietf.org>
CC: "'last-call@ietf.org'" <last-call@ietf.org>, "'tls-chairs@ietf.org'" <tls-chairs@ietf.org>, "'draft-ietf-tls-oldversions-deprecate@ietf.org'" <draft-ietf-tls-oldversions-deprecate@ietf.org>, "'tls@ietf.org'" <tls@ietf.org>
Thread-Topic: [Last-Call] [TLS] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice
Thread-Index: AQHWtuemkBcnxjhwjkukZnBJ0gfqXKnb932AgAD1RoCABJdrIf//K3OAgAFq8mb//4R+AIAACK+AgAIab1c=
Date: Wed, 02 Dec 2020 10:44:19 +0000
Message-ID: <1606905858825.10547@cs.auckland.ac.nz>
References: <160496076356.8063.5138064792555453422@ietfa.amsl.com> <49d045a3-db46-3250-9587-c4680ba386ed@network-heretics.com> <b5314e17-645a-22ea-3ce9-78f208630ae1@cs.tcd.ie> <1606782600388.62069@cs.auckland.ac.nz> <0b72b2aa-73b6-1916-87be-d83e9d0ebd09@cs.tcd.ie> <1606814941532.76373@cs.auckland.ac.nz> <36C74BF4-FF8A-4E79-B4C8-8A03BEE94FCE@cisco.com>, <SN6PR02MB4512D55EC7F4EB00F5338631C3F40@SN6PR02MB4512.namprd02.prod.outlook.com>
In-Reply-To: <SN6PR02MB4512D55EC7F4EB00F5338631C3F40@SN6PR02MB4512.namprd02.prod.outlook.com>
Accept-Language: en-NZ, en-GB, en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [130.216.158.4]
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 5c4fad2c-e05a-48e0-2f00-08d896af3a34
X-MS-TrafficTypeDiagnostic: SYBPR01MB5113:
X-Microsoft-Antispam-PRVS: <SYBPR01MB5113B1498A36DDBA59629A8FEEF30@SYBPR01MB5113.ausprd01.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:8882
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0
X-Microsoft-Antispam-Message-Info: mJYO85F5mr9Qr/EQMwBl3HdJ/D32SLf0ORQyTLKGPSfSwUj9R5kSIEwDL33AMloqhNtFYPJiYo5fr3Kt4lkiI18APGLIn9XWhqxt0RJBvcvQfscbnvK5D93ygA9sLaijCNY8T+inEL6MtU/0XMGh1riXcMfGflO2L4SSYMN9E5J/+Wj6coXryNrH0ne8Rb5EXjovRtShd9HILhegW7zXcoMsQXu+MZ/0HZqyxOE22/yrshyee0OjDQe7qreIsGsTokk1oh+Agc5mNR6KLjhp24rG60YiEk13IVZQZMZn4m+VHq2M1A+YqMSvt0AseQd63xSMB69uBROpxDmWnpqU+VfLmTbSwuCjrAj1IVm51TNeGPOa0deSx8ZlG1kVi2Lk4RiO3vd3Qp0jsRGzDZie0g==
X-Forefront-Antispam-Report: CIP:130.216.95.224; CTRY:NZ; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:uxcn13-tdc-e.UoA.auckland.ac.nz; PTR:natgate2-1.auckland.ac.nz; CAT:NONE; SFS:(4636009)(136003)(39860400002)(396003)(346002)(376002)(46966005)(7636003)(36906005)(356005)(2906002)(82310400003)(70206006)(8676002)(110136005)(70586007)(4744005)(26005)(54906003)(186003)(86362001)(316002)(47076004)(4326008)(83380400001)(82740400003)(786003)(478600001)(2616005)(5660300002)(8936002)(336012); DIR:OUT; SFP:1101
X-OriginatorOrg: cs.auckland.ac.nz
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Dec 2020 10:44:20.9518 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 5c4fad2c-e05a-48e0-2f00-08d896af3a34
X-MS-Exchange-CrossTenant-Id: d1b36e95-0d50-42e9-958f-b63fa906beaa
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=d1b36e95-0d50-42e9-958f-b63fa906beaa; Ip=[130.216.95.224]; Helo=[uxcn13-tdc-e.UoA.auckland.ac.nz]
X-MS-Exchange-CrossTenant-AuthSource: HK2APC01FT013.eop-APC01.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SYBPR01MB5113
Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CAU17A13 smtp.mailfrom=pgut001@cs.auckland.ac.nz
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: cs.auckland.ac.nz
Content-Language: en-NZ
Content-Type: text/plain; charset="WINDOWS-1252"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/JqKWvpcLEeAOpjG2EQFMT5Wwc0o>
Subject: Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Dec 2020 10:44:33 -0000
STARK, BARBARA H <bs7652@att.com> writes: >If someone feels a strong need to ignore this in their own network, they will >have no difficulty doing so (and have no difficulty justifying it to >themselves and others inside their org). It's actually the complete opposite, they will have every difficulty in doing so. You've got systems engineers whose job it is to keep things running at all costs, or where the effort to replace/upgrade is almost insurmountable, who now have to deal with pronouncements from standards groups that insist they not keep things running. I don't know where you get this idea that this will cause "no difficulty" from, it's a source of endless difficulty and frustration due to the clash between "we can't replace or upgrade these systems at the moment" and "there's some document that's just popped up that says we need to take them out of production and replace them". Peter.
- [TLS] Last Call: <draft-ietf-tls-oldversions-depr… The IESG
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… tom petch
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… Stephen Farrell
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… tom petch
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… Sean Turner
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… Keith Moore
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Eric Rescorla
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Keith Moore
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Eric Rescorla
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… Gary Gapinski
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Keith Moore
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Eric Rescorla
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Keith Moore
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… Eliot Lear
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… Stephen Farrell
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… Stephen Farrell
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… Stephen Farrell
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Nick Lamb
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… Martin Duke
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… Peter Gutmann
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… Keith Moore
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… Viktor Dukhovni
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ben Smyth
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Keith Moore
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Salz, Rich
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Salz, Rich
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Eliot Lear
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Salz, Rich
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Olle E. Johansson
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… STARK, BARBARA H
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… STARK, BARBARA H
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Eliot Lear
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Peter Gutmann
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Eliot Lear
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Keith Moore
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Salz, Rich
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Salz, Rich
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… STARK, BARBARA H
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Bill Frantz
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Joe Abley
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Eliot Lear
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… STARK, BARBARA H
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Gary Gapinski
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Watson Ladd
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… STARK, BARBARA H
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… BRUNGARD, DEBORAH A
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Rob Sayre
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Rob Sayre
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Rob Sayre
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… BRUNGARD, DEBORAH A
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Andrew Campling
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… tom petch
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ackermann, Michael
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Nick Hilliard
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Ted Lemon
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Rob Sayre
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Nick Hilliard
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Christian de Larrinaga
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… Kathleen Moriarty
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Kathleen Moriarty
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Kathleen Moriarty
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Peter Gutmann
- [TLS] Results of Last Call: <draft-ietf-tls-oldve… Benjamin Kaduk
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… tom petch
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… Gary Gapinski
- Re: [TLS] Last Call: <draft-ietf-tls-oldversions-… Stephen Farrell
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… tom petch
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… Stephen Farrell
- Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-… tom petch