Re: [TLS] TLS@IETF101 Agenda Posted
Ted Lemon <mellon@fugue.com> Wed, 14 March 2018 19:11 UTC
Return-Path: <mellon@fugue.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3A5E12D94E for <tls@ietfa.amsl.com>; Wed, 14 Mar 2018 12:11:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.7
X-Spam-Level:
X-Spam-Status: No, score=-0.7 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jGh6KsDbll1Z for <tls@ietfa.amsl.com>; Wed, 14 Mar 2018 12:11:18 -0700 (PDT)
Received: from mail-it0-x22f.google.com (mail-it0-x22f.google.com [IPv6:2607:f8b0:4001:c0b::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 47C02127601 for <tls@ietf.org>; Wed, 14 Mar 2018 12:11:18 -0700 (PDT)
Received: by mail-it0-x22f.google.com with SMTP id v194-v6so6101321itb.0 for <tls@ietf.org>; Wed, 14 Mar 2018 12:11:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=e+K8Ie6BkuvaU70rvqDa9+BGsO6Gpamgq7oVrdscaRo=; b=m4gJAQiLa0XLpudj1xwD1jJROayPTW42WeQq7xNVkDexmQx8zbHW6bk1PV05Y67Era kpG5mWX4q+Ifjewha92E80ua8aHCtbe/HjQOqX8cJ7qZDktLR+9ZVdFXOKAILjzRGnO9 svqYvFKFNk9WDFUgcD3bVEwSeQGMAAn3i/YB75kSa3uOrxT+aS9iwZnVAiri5laS5ssz R/D4U8o6y7z7VEcg7xLxReE3CczrQL8GZYExY+Rf01GAZvsy/a4LMB5MSZ5taeWNVPmE wAXig+FcRHohwvZgbcN+61DHhxpu4TqZRpT2Wwnj0ED0U+nwHGbCE7cJ/Li8jv8sikru 88+w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=e+K8Ie6BkuvaU70rvqDa9+BGsO6Gpamgq7oVrdscaRo=; b=DHzLxGzaillYtUErsbSq+yGUy/Eh+WzvXIPGnARMtFtQm0ikgy21b812D2/uSFETZM 2+NwzMNaVGy1XXI3FITmHsWxctH2PMdBLC1RqCRuYmWl8W6YSWYuICskHOjRs5PNvvwp t3tu/JGMCBQWP5aQqdCZqLrPa8VUx0KSSvLn0hNNg7875T+wY7I8eW1he9az65hMHcvG r1rixfUjGChBM6sAsQ9Cz1qvRJx4/R4HAe/0GcJDVu6df1Pjo3T3Fjpf3zQ/lqQ04Tzv fSg4ZqScwEa/4fSeqJPCX79Qk8cqzMt4w1/tzkRe+RNDbKTVULiF8XEzekhyIvpwW7Yh 8NAw==
X-Gm-Message-State: AElRT7E1zcpt/aoYR3ocTLoGEPbLwkjhSrrbyeH2rof0xlMY/STUSywL xwDH/1HoCMDRFHFV36X4Pj/q4CCZKOrsxpquqF019g==
X-Google-Smtp-Source: AG47ELtfciU09hLy8AboKrrh1xEP6GpWVEUys6meB8tTOhCv5JGO3eftnTIop9ohZCt2aZADLWUdovdtqh8NAhUjfNU=
X-Received: by 2002:a24:4ecf:: with SMTP id r198-v6mr3339646ita.98.1521054677550; Wed, 14 Mar 2018 12:11:17 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.79.225.204 with HTTP; Wed, 14 Mar 2018 12:11:16 -0700 (PDT)
Received: by 10.79.225.204 with HTTP; Wed, 14 Mar 2018 12:11:16 -0700 (PDT)
In-Reply-To: <4317390C-51CB-4969-8251-DBA18CBDE0BA@vigilsec.com>
References: <6140B7A6-A1C7-44BC-9C65-9BE0D5E1B580@sn3rd.com> <090F06AF-371D-4B11-91AA-BD80C1ADB4E9@fugue.com> <C1970611-C781-41A8-87CA-D00629AC41E7@vigilsec.com> <12691059.D1o9753ySB@pintsize.usersys.redhat.com> <4317390C-51CB-4969-8251-DBA18CBDE0BA@vigilsec.com>
From: Ted Lemon <mellon@fugue.com>
Date: Wed, 14 Mar 2018 15:11:16 -0400
Message-ID: <CAPt1N1=x4cA_wnrLny638gmQBTL039bXDj-1U98KiKMHEaq6+g@mail.gmail.com>
To: Russ Housley <housley@vigilsec.com>
Cc: Hubert Kario <hkario@redhat.com>, "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000bd5dd605676423b6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/T_wb2R6PSErgMDDmDnI_BbHJkYo>
Subject: Re: [TLS] TLS@IETF101 Agenda Posted
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2018 19:11:22 -0000
Perhaps this would be a good time to put in a plug for additional funding for openssl et al... On Mar 14, 2018 14:53, "Russ Housley" <housley@vigilsec.com> wrote: > > > On Mar 14, 2018, at 8:39 AM, Hubert Kario <hkario@redhat.com> wrote: > > > > On Tuesday, 13 March 2018 23:16:47 CET Russ Housley wrote: > >> Ted: > >>> There's an easy way to do this, although as a sometime bank security > geek > >>> I would strongly advise you to not do it: keep using TLS 1.2. > >> This is a bogus argument. First, staying with an old protocol version > often > >> leads to locking in unmaintained versions of old software. > > > > this is simply not true, the newest versions of OpenSSL, NSS, GnuTLS and > > schannel allow you to disable TLS 1.2 and TLS 1.1 protocol support to > > effectively only support TLS 1.0! > > After TLS 1.3 is approved, I have heard a desire from software maintainers > to drop support for some of the older versions over time. Support for SSL > 3.0 has been dropped in some cases, and for good reasons. > > Russ > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
- [TLS] TLS@IETF101 Agenda Posted Sean Turner
- Re: [TLS] TLS@IETF101 Agenda Posted Stephen Farrell
- Re: [TLS] TLS@IETF101 Agenda Posted Artyom Gavrichenkov
- Re: [TLS] TLS@IETF101 Agenda Posted Joseph Salowey
- Re: [TLS] TLS@IETF101 Agenda Posted Darin Pettis
- Re: [TLS] TLS@IETF101 Agenda Posted Artyom Gavrichenkov
- Re: [TLS] TLS@IETF101 Agenda Posted Stephen Farrell
- Re: [TLS] TLS@IETF101 Agenda Posted Kathleen Moriarty
- Re: [TLS] TLS@IETF101 Agenda Posted Stephen Farrell
- Re: [TLS] TLS@IETF101 Agenda Posted Melinda Shore
- Re: [TLS] TLS@IETF101 Agenda Posted stephen.farrell
- Re: [TLS] TLS@IETF101 Agenda Posted Stephen Farrell
- [TLS] draft-rhrd-tls-tls13-visibility at IETF101 Jim Reid
- Re: [TLS] TLS@IETF101 Agenda Posted Colm MacCárthaigh
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted Salz, Rich
- Re: [TLS] TLS@IETF101 Agenda Posted Joseph Salowey
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted Joseph Salowey
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted Artyom Gavrichenkov
- Re: [TLS] TLS@IETF101 Agenda Posted Salz, Rich
- Re: [TLS] TLS@IETF101 Agenda Posted Melinda Shore
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted Ackermann, Michael
- Re: [TLS] TLS@IETF101 Agenda Posted Salz, Rich
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted Richard Barnes
- Re: [TLS] draft-rhrd-tls-tls13-visibility at IETF… Melinda Shore
- Re: [TLS] TLS@IETF101 Agenda Posted Eric Rescorla
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted George Palmer
- Re: [TLS] TLS@IETF101 Agenda Posted Artyom Gavrichenkov
- Re: [TLS] TLS@IETF101 Agenda Posted Sean Turner
- Re: [TLS] TLS@IETF101 Agenda Posted Salz, Rich
- Re: [TLS] TLS@IETF101 Agenda Posted Ted Lemon
- Re: [TLS] TLS@IETF101 Agenda Posted Artyom Gavrichenkov
- Re: [TLS] TLS@IETF101 Agenda Posted Artyom Gavrichenkov
- Re: [TLS] TLS@IETF101 Agenda Posted Andrei Popov
- Re: [TLS] draft-rhrd-tls-tls13-visibility at IETF… Kathleen Moriarty
- Re: [TLS] draft-rhrd-tls-tls13-visibility at IETF… Melinda Shore
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted Ackermann, Michael
- Re: [TLS] draft-rhrd-tls-tls13-visibility at IETF… Kathleen Moriarty
- Re: [TLS] TLS@IETF101 Agenda Posted Ted Lemon
- Re: [TLS] TLS@IETF101 Agenda Posted Stan Kalisch
- Re: [TLS] draft-rhrd-tls-tls13-visibility at IETF… Russ Housley
- Re: [TLS] TLS@IETF101 Agenda Posted Ackermann, Michael
- Re: [TLS] TLS@IETF101 Agenda Posted Darin Pettis
- Re: [TLS] TLS@IETF101 Agenda Posted Russ Housley
- Re: [TLS] TLS@IETF101 Agenda Posted Andrei Popov
- Re: [TLS] TLS@IETF101 Agenda Posted Stephen Farrell
- Re: [TLS] TLS@IETF101 Agenda Posted Salz, Rich
- Re: [TLS] TLS@IETF101 Agenda Posted Russ Housley
- Re: [TLS] TLS@IETF101 Agenda Posted Andrei Popov
- Re: [TLS] TLS@IETF101 Agenda Posted Ted Lemon
- Re: [TLS] TLS@IETF101 Agenda Posted Salz, Rich
- Re: [TLS] TLS@IETF101 Agenda Posted Ted Lemon
- Re: [TLS] TLS@IETF101 Agenda Posted Salz, Rich
- Re: [TLS] draft-rhrd-tls-tls13-visibility at IETF… Stephen Farrell
- Re: [TLS] TLS@IETF101 Agenda Posted Artyom Gavrichenkov
- Re: [TLS] TLS@IETF101 Agenda Posted Stan Kalisch
- Re: [TLS] TLS@IETF101 Agenda Posted Russ Housley
- Re: [TLS] draft-rhrd-tls-tls13-visibility at IETF… Russ Housley
- Re: [TLS] TLS@IETF101 Agenda Posted Kathleen Moriarty
- Re: [TLS] TLS@IETF101 Agenda Posted Russ Housley
- Re: [TLS] draft-rhrd-tls-tls13-visibility at IETF… Stan Kalisch
- Re: [TLS] draft-rhrd-tls-tls13-visibility at IETF… Stephen Farrell
- Re: [TLS] draft-rhrd-tls-tls13-visibility at IETF… Ted Lemon
- Re: [TLS] TLS@IETF101 Agenda Posted Ted Lemon
- Re: [TLS] TLS@IETF101 Agenda Posted Hubert Kario
- Re: [TLS] TLS@IETF101 Agenda Posted Kathleen Moriarty
- Re: [TLS] TLS@IETF101 Agenda Posted Russ Housley
- Re: [TLS] TLS@IETF101 Agenda Posted Ted Lemon
- Re: [TLS] TLS@IETF101 Agenda Posted Hubert Kario
- Re: [TLS] TLS@IETF101 Agenda Posted Salz, Rich
- Re: [TLS] TLS@IETF101 Agenda Posted Peter Bowen
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted Ryan Sleevi
- Re: [TLS] TLS@IETF101 Agenda Posted Stephen Farrell
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted Ryan Sleevi
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted Salz, Rich
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted Stephen Farrell
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted Andrei Popov
- Re: [TLS] TLS@IETF101 Agenda Posted Stephen Farrell
- Re: [TLS] TLS@IETF101 Agenda Posted Artyom Gavrichenkov
- Re: [TLS] TLS@IETF101 Agenda Posted Stephen Farrell
- Re: [TLS] TLS@IETF101 Agenda Posted Ralph Droms
- Re: [TLS] TLS@IETF101 Agenda Posted Artyom Gavrichenkov
- Re: [TLS] TLS@IETF101 Agenda Posted Ralph Droms
- Re: [TLS] TLS@IETF101 Agenda Posted Salz, Rich
- Re: [TLS] TLS@IETF101 Agenda Posted nalini elkins
- Re: [TLS] TLS@IETF101 Agenda Posted Ted Lemon
- Re: [TLS] TLS@IETF101 Agenda Posted Stan Kalisch
- Re: [TLS] TLS@IETF101 Agenda Posted Russ Housley
- Re: [TLS] TLS@IETF101 Agenda Posted Andrei Popov
- Re: [TLS] TLS@IETF101 Agenda Posted Russ Housley
- Re: [TLS] TLS@IETF101 Agenda Posted Stephen Farrell