Re: [TLS] Robert Wilton's No Objection on draft-ietf-tls-oldversions-deprecate-11: (with COMMENT)

"Rob Wilton (rwilton)" <rwilton@cisco.com> Tue, 19 January 2021 15:07 UTC

From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, The IESG <iesg@ietf.org>
CC: "draft-ietf-tls-oldversions-deprecate@ietf.org" <draft-ietf-tls-oldversions-deprecate@ietf.org>, "tls-chairs@ietf.org" <tls-chairs@ietf.org>, "tls@ietf.org" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/X_9x5W9grj97NFY-tMUkJDm8xTo>

LGTM.

Regards,
Rob


> -----Original Message-----
> From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
> Sent: 19 January 2021 14:28
> To: Rob Wilton (rwilton) <rwilton@cisco.com>; The IESG <iesg@ietf.org>
> Cc: draft-ietf-tls-oldversions-deprecate@ietf.org; tls-chairs@ietf.org;
> tls@ietf.org
> Subject: Re: [TLS] Robert Wilton's No Objection on draft-ietf-tls-oldversions-deprecate-11: (with COMMENT)
> 
> 
> Hiya,
> 
> On 19/01/2021 11:05, Rob Wilton (rwilton) wrote:
> >
> >
> >> -----Original Message-----
> >> From: iesg <iesg-bounces@ietf.org> On Behalf Of Stephen Farrell
> >> Sent: 12 January 2021 21:35
> >> To: Rob Wilton (rwilton) <rwilton@cisco.com>; The IESG <iesg@ietf.org>
> >> Cc: draft-ietf-tls-oldversions-deprecate@ietf.org; tls-chairs@ietf.org; tls@ietf.org
> >> Subject: Re: [TLS] Robert Wilton's No Objection on draft-ietf-tls-oldversions-deprecate-11: (with COMMENT)
> >>
> >>
> >> Hiya,
> >>
> >> On 12/01/2021 18:14, Robert Wilton via Datatracker wrote:
> >>> Robert Wilton has entered the following ballot position for
> >>> draft-ietf-tls-oldversions-deprecate-11: No Objection
> >>>
> >>> When responding, please keep the subject line intact and reply to
> >>> all email addresses included in the To and CC lines. (Feel free
> >>> to cut this introductory paragraph, however.)
> >>>
> >>>
> >>> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> >>> for more information about IESG DISCUSS and COMMENT positions.
> >>>
> >>>
> >>> The document, along with other ballot positions, can be found
> >>> here:
> >>> https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/
> >>>
> >>> ----------------------------------------------------------------------
> >>> COMMENT:
> >>> ----------------------------------------------------------------------
> >>>
> >>> Thank you for purging the old versions of TLS.
> >>
> >> Thanks for trudging through it! :-)
> >>
> >>>
> >>> There is one sentence in the abstract that I found surprising (if
> >>> it is right).
> >>>
> >>> The abstract states: "TLSv1.2 has been the recommended version
> >>> for IETF protocols since 2008, providing sufficient time to
> >>> transition away from older versions."
> >>>
> >>> Should this be "minimum recommended version"?  Otherwise, I
> >>> don't understand why the recommended version of TLS is 1.2 rather
> >>> than 1.3 (given that the TLS 1.2 RFC is marked as obsolete).
> >>
> >> I see what you mean.
> >>
> >> I guess s/has been/became/ would do it? The point isn't so much
> >> what the current recommended version is/was but more that it's been
> >> a dozen years since it was TLSv1.1.
> > [RW]
> >
> > Yes, s/has been/became/ helps, but I still think that it implies that
> > TLS 1.2 is the current recommended version of TLS.
> >
> > Perhaps something along the lines of:
> >
> > TLSv1.2 became the recommended version for IETF protocols in 2008
> > (now obsoleted by TLSv1.3 in 2018), providing sufficient time to
> > transition away from older versions."
> 
> Sure. I did more or less that in the repo - [1] with
> diff vs. -11 at [2]
> 
> Cheers,
> S.
> 
> [1] https://github.com/tlswg/oldversions-deprecate/blob/master/draft-ietf-tls-oldversions-deprecate.txt
> [2] https://tools.ietf.org/rfcdiff?url1=draft-ietf-tls-oldversions-deprecate-11.txt&url2=https://raw.githubusercontent.com/tlswg/oldversions-deprecate/master/draft-ietf-tls-oldversions-deprecate.txt
> 
> >
> > Regards, Rob
> >
> >
> >>
> >>
> >> Cheers, S.
> >>
> >>
> >>