Re: [TLS] I-D Action: draft-ietf-tls-oldversions-deprecate-01.txt

John Mattsson <john.mattsson@ericsson.com> Fri, 08 March 2019 22:44 UTC

From: John Mattsson <john.mattsson@ericsson.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "tls@ietf.org" <tls@ietf.org>
Date: Fri, 08 Mar 2019 22:44:04 +0000
Message-ID: <09181304-3B39-464D-B98A-E7C109701507@ericsson.com>
References: <154165491176.26419.11906807559515385277@ietfa.amsl.com> <62386296-c674-44ef-65b0-e3ced823eb92@cs.tcd.ie>
In-Reply-To: <62386296-c674-44ef-65b0-e3ced823eb92@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Rgf2xcEd_9UajfUWMjJfVzC-bpA>

Hi,

Thanks for driving this. Great work. I would like to see deprecation done more often in the IETF and elsewhere.

3GPP deprecated TLS 1.0 and DTLS 1.0 some years ago (but could at that time not deprecate TLS 1.1 due to interop with older releases). I would estimate that 3GPP will deprecate TLS 1.1 this year; at least that is what I am going to suggest. I think that 3GPP will deprecate non-AEAD and non-PFS cipher suites at the same time as TLS 1.1.

Moving deprecation of SHA-1 to a different document makes sense to me. I would want such a document to deprecate as much as section 9.2 of RFC 7540, with the exception of TLS_PSK_WITH_AES_128_CCM_8 for IoT. I.e., I think such a document should forbid non-AEAD and < 2048-bit DHE, as well as changing the MTI cipher suite in TLS 1.2.

- I think the document should mention DTLS 1.0 much earlier, probably even in the title.

- Nit: The document uses "TLS1.0" and "TLSv1.0", while most other drafts use "TLS 1.0".

Cheers,
John
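As an added defender-side illustration (not code from the draft, from 3GPP, or from anyone in this thread), the following Python audit applies the policy sketched above: it flags a minimum version of TLS 1.0/1.1, non-AEAD or non-PFS cipher suites, and DHE groups below 2048 bits, with TLS_PSK_WITH_AES_128_CCM_8 carved out for IoT. The cipher-suite classification by IANA name and the two sample configurations are constructed assumptions.

```python
"""Audit a TLS configuration against the policy discussed in the thread.
Constructed example: not the draft's text, not 3GPP's profile."""
import ssl
from typing import Dict, List, Optional

# Versions the draft moves to Historic (SSLv3 was already deprecated by RFC 7568).
DEPRECATED = {ssl.TLSVersion.SSLv3, ssl.TLSVersion.TLSv1, ssl.TLSVersion.TLSv1_1}
IOT_EXCEPTIONS = {"TLS_PSK_WITH_AES_128_CCM_8"}   # the IoT carve-out from the thread
MIN_DHE_BITS = 2048                               # RFC 7540 section 9.2 floor


def is_aead(suite: str) -> bool:
    # Assumption: AEAD suites in the IANA registry carry GCM, CCM or
    # CHACHA20_POLY1305 in their name; CBC/RC4/NULL suites do not.
    return any(tag in suite for tag in ("_GCM_", "_CCM", "_CHACHA20_POLY1305"))


def is_pfs(suite: str) -> bool:
    # TLS 1.3 suites (no key exchange in the name) always use ephemeral (EC)DHE;
    # TLS 1.2 suites must name DHE or ECDHE to provide forward secrecy.
    if suite.startswith(("TLS_AES_", "TLS_CHACHA20_")):
        return True
    return suite.startswith(("TLS_ECDHE_", "TLS_DHE_"))


def audit(min_version: ssl.TLSVersion, suites: List[str],
          dhe_bits: Optional[int]) -> List[str]:
    """Return one human-readable finding per policy violation (empty = compliant)."""
    findings = []
    if min_version in DEPRECATED:
        findings.append(f"minimum version {min_version.name} is deprecated; "
                        f"require TLSv1_2 or later")
    for s in suites:
        if s in IOT_EXCEPTIONS:
            continue
        if not is_aead(s):
            findings.append(f"{s}: non-AEAD cipher suite")
        if not is_pfs(s):
            findings.append(f"{s}: no forward secrecy")
    uses_dhe = any(s.startswith("TLS_DHE_") for s in suites)
    if uses_dhe and dhe_bits is not None and dhe_bits < MIN_DHE_BITS:
        findings.append(f"DHE group is {dhe_bits} bits; require >= {MIN_DHE_BITS}")
    return findings


# Constructed sample configurations: a legacy one and its hardened counterpart.
WEAK_CONFIG: Dict = dict(min_version=ssl.TLSVersion.TLSv1, dhe_bits=1024,
                         suites=["TLS_RSA_WITH_AES_128_CBC_SHA",
                                 "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
                                 "TLS_PSK_WITH_AES_128_CCM_8"])
HARDENED_CONFIG: Dict = dict(min_version=ssl.TLSVersion.TLSv1_2, dhe_bits=2048,
                             suites=["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                                     "TLS_AES_128_GCM_SHA256",
                                     "TLS_PSK_WITH_AES_128_CCM_8"])


def audit_config(cfg: Dict) -> List[str]:
    return audit(cfg["min_version"], cfg["suites"], cfg["dhe_bits"])


def hardened_context() -> ssl.SSLContext:
    # Server context that refuses TLS 1.0/1.1 at the handshake, not just by policy.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx
```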

-----Original Message-----
From: TLS <tls-bounces@ietf.org> on behalf of Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Thursday, 8 November 2018 at 06:36
To: "TLS@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-oldversions-deprecate-01.txt


Hiya,

This version attempts to make the few changes discussed
at the meeting on Monday. I wrote a script that gave me
a list of 76(!) RFCs this might need to update, and may
of course have mucked that up, so if anyone has a chance
to check if (some of) those make sense, that'd be great.

Ta,
S.

On 08/11/2018 05:28, internet-drafts@ietf.org wrote:
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Transport Layer Security WG of the IETF.
> 
>         Title           : Deprecating TLSv1.0 and TLSv1.1
>         Authors         : Kathleen Moriarty
>                           Stephen Farrell
>         Filename        : draft-ietf-tls-oldversions-deprecate-01.txt
>         Pages           : 21
>         Date            : 2018-11-07
> 
> Abstract:
>    This document, if approved, formally deprecates Transport Layer
>    Security (TLS) versions 1.0 [RFC2246] and 1.1 [RFC4346] and moves
>    these documents to the historic state.  These versions lack support
>    for current and recommended cipher suites, and various government and
>    industry profiles of applications using TLS now mandate avoiding
>    these old TLS versions.  TLSv1.2 has been the recommended version for
>    IETF protocols since 2008, providing sufficient time to transition
>    away from older versions.  Products having to support older versions
>    increase the attack surface unnecessarily and increase opportunities
>    for misconfigurations.  Supporting these older versions also requires
>    additional effort for library and product maintenance.
> 
>    This document updates many RFCs that normatively refer to TLS1.0 or
>    TLS1.1 as described herein.  This document also updates RFC 7525 and
>    hence is part of BCP195.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/
> 
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-01
> https://datatracker.ietf.org/doc/html/draft-ietf-tls-oldversions-deprecate-01
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-oldversions-deprecate-01
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 