Re: [TLS] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 10 November 2020 11:18 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B2A073A05DF; Tue, 10 Nov 2020 03:18:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1zXKV6tuJKM7; Tue, 10 Nov 2020 03:18:22 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 52E2B3A047D; Tue, 10 Nov 2020 03:18:20 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 89EB2BE58; Tue, 10 Nov 2020 11:18:19 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bTLfWch5iaZp; Tue, 10 Nov 2020 11:18:15 +0000 (GMT)
Received: from [10.244.2.119] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 81C21BE53; Tue, 10 Nov 2020 11:18:15 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1605007095; bh=GgK1qD9fhY42qgRiM+qVEaQXdc1p+KrDWYPx1JvmzVE=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=STKfbzkekDDKoFfNPb+WXeGmhVtncISzT7bMHCw/UN0L7xw7S6V00uxyJnSVnWurt HZtZG1WIMZhbn9wIIOnBupflQfJwVasET3wZhVl2oKnKqLxJeGmHKRvS6/5SK25xWk nq3CyqFMtjtXefHhhOSTPfyJ+F5XbYPnBIuXK/4c=
To: tom petch <daedulus@btconnect.com>, last-call@ietf.org
Cc: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, tls-chairs@ietf.org, draft-ietf-tls-oldversions-deprecate@ietf.org, tls@ietf.org
References: <160496076356.8063.5138064792555453422@ietfa.amsl.com> <5FAA69AB.4090802@btconnect.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Message-ID: <754d1831-e44f-0299-dcd1-24a311e8c442@cs.tcd.ie>
Date: Tue, 10 Nov 2020 11:18:14 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.3.2
MIME-Version: 1.0
In-Reply-To: <5FAA69AB.4090802@btconnect.com>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="QU1SijxrMAGwBFMOGfkU9D6Hligjr6e4c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/fa4LIxMSbR66ziByW1kszuwrL2I>
Subject: Re: [TLS] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Nov 2020 11:18:26 -0000

Hiya,

On 10/11/2020 10:21, tom petch wrote:
> I am confused about the treatment here of DTLS.
> 
> The Abstract seems clear about the proposed action for TLS but then the 
> second paragraph has
> " This document also deprecates Datagram TLS (DTLS) version 1.0 (RFC6347)"
> 
> Mmmm, really?

Sorry, I don't understand the comment. If you're just teeing
up what's below that's fine, but I wasn't sure.

> 
> There is a list of current RFC that Normatively reference the deprecated 
> versions of DTLS and TLS; and then a list of obsolete RFC that 
> Normatively reference TLS but for DTLS...?  I look, for example, for 
> RFC5953 which is
> obsolete and which Normatively references DTLS 1.0 but without success; 
> nor can I find RFC6353 which is current and which Normatively references 
> DTLS 1.0 (and which is part of a STD - not sure what that does to the 
> Standard)

Could be we missed some references for sure. An early
version of those lists was produced from a script I wrote
and those were edited as people commented - I always
figured we'd make that better when getting comments at
IETF LC.

Is the gist of your comment then "add 6353 and 5953 to
the relevant lists" (which'd be fine by me) or that we
need to do something else/more? (In the latter case, I'm
not sure what you're suggesting so clarifying that'd be
good.)

> And, in several places
> /supercede/supersede/

One for the RFC editor I guess. But sure, will make 'em
all the same:-)

Thanks,
S.

> 
> Tom Petch
> 
> 
> On 09/11/2020 22:26, The IESG wrote:
>>
>> The IESG has received a request from the Transport Layer Security WG 
>> (tls) to
>> consider the following document: - 'Deprecating TLSv1.0 and TLSv1.1'
>>    <draft-ietf-tls-oldversions-deprecate-09.txt> as Best Current Practice
>>
>> The IESG plans to make a decision in the next few weeks, and solicits 
>> final
>> comments on this action. Please send substantive comments to the
>> last-call@ietf.org mailing lists by 2020-11-30. Exceptionally, 
>> comments may
>> be sent to iesg@ietf.org instead. In either case, please retain the 
>> beginning
>> of the Subject line to allow automated sorting.
>>
>> Abstract
>>
>>
>>     This document, if approved, formally deprecates Transport Layer
>>     Security (TLS) versions 1.0 (RFC 2246) and 1.1 (RFC 4346).
>>     Accordingly, those documents (will be moved|have been moved) to
>>     Historic status.  These versions lack support for current and
>>     recommended cryptographic algorithms and mechanisms, and various
>>     government and industry profiles of applications using TLS now
>>     mandate avoiding these old TLS versions.  TLSv1.2 has been the
>>     recommended version for IETF protocols since 2008, providing
>>     sufficient time to transition away from older versions.  Removing
>>     support for older versions from implementations reduces the attack
>>     surface, reduces opportunity for misconfiguration, and streamlines
>>     library and product maintenance.
>>
>>     This document also deprecates Datagram TLS (DTLS) version 1.0
>>     (RFC6347), but not DTLS version 1.2, and there is no DTLS version
>>     1.1.
>>
>>     This document updates many RFCs that normatively refer to TLSv1.0 or
>>     TLSv1.1 as described herein.  This document also updates the best
>>     practices for TLS usage in RFC 7525 and hence is part of BCP195.
>>
>>
>>
>>
>> The file can be obtained via
>> https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/
>>
>>
>>
>> No IPR declarations have been submitted directly on this I-D.
>>
>>
>> The document contains these normative downward references.
>> See RFC 3967 for additional information:
>>      rfc5024: ODETTE File Transfer Protocol 2.0 (Informational - 
>> Independent Submission Editor stream)
>>      rfc5024: ODETTE File Transfer Protocol 2.0 (Informational - 
>> Independent Submission Editor stream)
>>      rfc5023: The Atom Publishing Protocol (Proposed Standard - IETF 
>> stream)
>>      rfc5019: The Lightweight Online Certificate Status Protocol 
>> (OCSP) Profile for High-Volume Environments (Proposed Standard - IETF 
>> stream)
>>      rfc5019: The Lightweight Online Certificate Status Protocol 
>> (OCSP) Profile for High-Volume Environments (Proposed Standard - IETF 
>> stream)
>>      rfc5018: Connection Establishment in the Binary Floor Control 
>> Protocol (BFCP) (Proposed Standard - IETF stream)
>>      rfc4992: XML Pipelining with Chunks for the Internet Registry 
>> Information Service (Proposed Standard - IETF stream)
>>      rfc4992: XML Pipelining with Chunks for the Internet Registry 
>> Information Service (Proposed Standard - IETF stream)
>>      rfc4976: Relay Extensions for the Message Sessions Relay Protocol 
>> (MSRP) (Proposed Standard - IETF stream)
>>      rfc4975: The Message Session Relay Protocol (MSRP) (Proposed 
>> Standard - IETF stream)
>>      rfc4975: The Message Session Relay Protocol (MSRP) (Proposed 
>> Standard - IETF stream)
>>      rfc4964: The P-Answer-State Header Extension to the Session 
>> Initiation Protocol for the Open Mobile Alliance Push to Talk over 
>> Cellular (Informational - IETF stream)
>>      rfc4964: The P-Answer-State Header Extension to the Session 
>> Initiation Protocol for the Open Mobile Alliance Push to Talk over 
>> Cellular (Informational - IETF stream)
>>      rfc4851: The Flexible Authentication via Secure Tunneling 
>> Extensible Authentication Protocol Method (EAP-FAST) (Informational - 
>> IETF stream)
>>      rfc4851: The Flexible Authentication via Secure Tunneling 
>> Extensible Authentication Protocol Method (EAP-FAST) (Informational - 
>> IETF stream)
>>      rfc4823: FTP Transport for Secure Peer-to-Peer Business Data 
>> Interchange over the Internet (Informational - IETF stream)
>>      rfc4823: FTP Transport for Secure Peer-to-Peer Business Data 
>> Interchange over the Internet (Informational - IETF stream)
>>      rfc4791: Calendaring Extensions to WebDAV (CalDAV) (Proposed 
>> Standard - IETF stream)
>>      rfc4791: Calendaring Extensions to WebDAV (CalDAV) (Proposed 
>> Standard - IETF stream)
>>      rfc4785: Pre-Shared Key (PSK) Ciphersuites with NULL Encryption 
>> for Transport Layer Security (TLS) (Proposed Standard - IETF stream)
>>      rfc4785: Pre-Shared Key (PSK) Ciphersuites with NULL Encryption 
>> for Transport Layer Security (TLS) (Proposed Standard - IETF stream)
>>      rfc4744: Using the NETCONF Protocol over the Blocks Extensible 
>> Exchange Protocol (BEEP) (Historic - IETF stream)
>>      rfc4744: Using the NETCONF Protocol over the Blocks Extensible 
>> Exchange Protocol (BEEP) (Historic - IETF stream)
>>      rfc4743: Using NETCONF over the Simple Object Access Protocol 
>> (SOAP) (Historic - IETF stream)
>>      rfc4743: Using NETCONF over the Simple Object Access Protocol 
>> (SOAP) (Historic - IETF stream)
>>      rfc4732: Internet Denial-of-Service Considerations (Informational 
>> - IAB stream)
>>      rfc4732: Internet Denial-of-Service Considerations (Informational 
>> - IAB stream)
>>      rfc4712: Transport Mappings for Real-time Application 
>> Quality-of-Service Monitoring (RAQMON) Protocol Data Unit (PDU) 
>> (Proposed Standard - IETF stream)
>>      rfc4712: Transport Mappings for Real-time Application 
>> Quality-of-Service Monitoring (RAQMON) Protocol Data Unit (PDU) 
>> (Proposed Standard - IETF stream)
>>      rfc4681: TLS User Mapping Extension (Proposed Standard - IETF 
>> stream)
>>      rfc4680: TLS Handshake Message for Supplemental Data (Proposed 
>> Standard - IETF stream)
>>      rfc4680: TLS Handshake Message for Supplemental Data (Proposed 
>> Standard - IETF stream)
>>      rfc4642: Using Transport Layer Security (TLS) with Network News 
>> Transfer Protocol (NNTP) (Proposed Standard - IETF stream)
>>      rfc4642: Using Transport Layer Security (TLS) with Network News 
>> Transfer Protocol (NNTP) (Proposed Standard - IETF stream)
>>      rfc4616: The PLAIN Simple Authentication and Security Layer 
>> (SASL) Mechanism (Proposed Standard - IETF stream)
>>      rfc4616: The PLAIN Simple Authentication and Security Layer 
>> (SASL) Mechanism (Proposed Standard - IETF stream)
>>      rfc4582: The Binary Floor Control Protocol (BFCP) (Proposed 
>> Standard - IETF stream)
>>      rfc4582: The Binary Floor Control Protocol (BFCP) (Proposed 
>> Standard - IETF stream)
>>      rfc4540: NEC's Simple Middlebox Configuration (SIMCO) Protocol 
>> Version 3.0 (Experimental - Independent Submission Editor stream)
>>      rfc4540: NEC's Simple Middlebox Configuration (SIMCO) Protocol 
>> Version 3.0 (Experimental - Independent Submission Editor stream)
>>      rfc4531: Lightweight Directory Access Protocol (LDAP) Turn 
>> Operation (Experimental - IETF stream)
>>      rfc4513: Lightweight Directory Access Protocol (LDAP): 
>> Authentication Methods and Security Mechanisms (Proposed Standard - 
>> IETF stream)
>>      rfc3436: Transport Layer Security over Stream Control 
>> Transmission Protocol (Proposed Standard - IETF stream)
>>      rfc3436: Transport Layer Security over Stream Control 
>> Transmission Protocol (Proposed Standard - IETF stream)
>>      rfc3329: Security Mechanism Agreement for the Session Initiation 
>> Protocol (SIP) (Proposed Standard - IETF stream)
>>      rfc3329: Security Mechanism Agreement for the Session Initiation 
>> Protocol (SIP) (Proposed Standard - IETF stream)
>>      rfc3261: SIP: Session Initiation Protocol (Proposed Standard - 
>> IETF stream)
>>      rfc3261: SIP: Session Initiation Protocol (Proposed Standard - 
>> IETF stream)
>>      rfc2246: The TLS Protocol Version 1.0 (Proposed Standard - IETF 
>> stream)
>>      rfc6749: The OAuth 2.0 Authorization Framework (Proposed Standard 
>> - IETF stream)
>>      rfc6739: Synchronizing Service Boundaries and <mapping> Elements 
>> Based on the Location-to-Service Translation (LoST) Protocol 
>> (Experimental - IETF stream)
>>      rfc6739: Synchronizing Service Boundaries and <mapping> Elements 
>> Based on the Location-to-Service Translation (LoST) Protocol 
>> (Experimental - IETF stream)
>>      rfc6367: Addition of the Camellia Cipher Suites to Transport 
>> Layer Security (TLS) (Informational - IETF stream)
>>      rfc6367: Addition of the Camellia Cipher Suites to Transport 
>> Layer Security (TLS) (Informational - IETF stream)
>>      rfc6176: Prohibiting Secure Sockets Layer (SSL) Version 2.0 
>> (Proposed Standard - IETF stream)
>>      rfc6176: Prohibiting Secure Sockets Layer (SSL) Version 2.0 
>> (Proposed Standard - IETF stream)
>>      rfc6042: Transport Layer Security (TLS) Authorization Using 
>> KeyNote (Informational - Independent Submission Editor stream)
>>      rfc5878: Transport Layer Security (TLS) Authorization Extensions 
>> (Experimental - IETF stream)
>>      rfc5469: DES and IDEA Cipher Suites for Transport Layer Security 
>> (TLS) (Informational - IETF stream)
>>      rfc5469: DES and IDEA Cipher Suites for Transport Layer Security 
>> (TLS) (Informational - IETF stream)
>>      rfc5422: Dynamic Provisioning Using Flexible Authentication via 
>> Secure Tunneling Extensible Authentication Protocol (EAP-FAST) 
>> (Informational - IETF stream)
>>      rfc5422: Dynamic Provisioning Using Flexible Authentication via 
>> Secure Tunneling Extensible Authentication Protocol (EAP-FAST) 
>> (Informational - IETF stream)
>>      rfc5364: Extensible Markup Language (XML) Format Extension for 
>> Representing Copy Control Attributes in Resource Lists (Proposed 
>> Standard - IETF stream)
>>      rfc5364: Extensible Markup Language (XML) Format Extension for 
>> Representing Copy Control Attributes in Resource Lists (Proposed 
>> Standard - IETF stream)
>>      rfc5281: Extensible Authentication Protocol Tunneled Transport 
>> Layer Security Authenticated Protocol Version 0 (EAP-TTLSv0) 
>> (Informational - IETF stream)
>>      rfc5281: Extensible Authentication Protocol Tunneled Transport 
>> Layer Security Authenticated Protocol Version 0 (EAP-TTLSv0) 
>> (Informational - IETF stream)
>>      rfc5263: Session Initiation Protocol (SIP) Extension for Partial 
>> Notification of Presence Information (Proposed Standard - IETF stream)
>>      rfc5263: Session Initiation Protocol (SIP) Extension for Partial 
>> Notification of Presence Information (Proposed Standard - IETF stream)
>>      rfc5238: Datagram Transport Layer Security (DTLS) over the 
>> Datagram Congestion Control Protocol (DCCP) (Proposed Standard - IETF 
>> stream)
>>      rfc5216: The EAP-TLS Authentication Protocol (Proposed Standard - 
>> IETF stream)
>>      rfc5216: The EAP-TLS Authentication Protocol (Proposed Standard - 
>> IETF stream)
>>      rfc5158: 6to4 Reverse DNS Delegation Specification (Informational 
>> - IETF stream)
>>      rfc5091: Identity-Based Cryptography Standard (IBCS) #1: 
>> Supersingular Curve Implementations of the BF and BB1 Cryptosystems 
>> (Informational - IETF stream)
>>      rfc5054: Using the Secure Remote Password (SRP) Protocol for TLS 
>> Authentication (Informational - IETF stream)
>>      rfc5054: Using the Secure Remote Password (SRP) Protocol for TLS 
>> Authentication (Informational - IETF stream)
>>      rfc5049: Applying Signaling Compression (SigComp) to the Session 
>> Initiation Protocol (SIP) (Proposed Standard - IETF stream)
>>      rfc3501: INTERNET MESSAGE ACCESS PROTOCOL - VERSION 4rev1 
>> (Proposed Standard - IETF stream)
>>      rfc3501: INTERNET MESSAGE ACCESS PROTOCOL - VERSION 4rev1 
>> (Proposed Standard - IETF stream)
>>      rfc4346: The Transport Layer Security (TLS) Protocol Version 1.1 
>> (Proposed Standard - IETF stream)
>>      rfc2246: The TLS Protocol Version 1.0 (Proposed Standard - IETF 
>> stream)
>>      rfc4346: The Transport Layer Security (TLS) Protocol Version 1.1 
>> (Proposed Standard - IETF stream)
>>      rfc4279: Pre-Shared Key Ciphersuites for Transport Layer Security 
>> (TLS) (Proposed Standard - IETF stream)
>>      rfc4261: Common Open Policy Service (COPS) Over Transport Layer 
>> Security (TLS) (Proposed Standard - IETF stream)
>>      rfc4235: An INVITE-Initiated Dialog Event Package for the Session 
>> Initiation Protocol (SIP) (Proposed Standard - IETF stream)
>>      rfc4235: An INVITE-Initiated Dialog Event Package for the Session 
>> Initiation Protocol (SIP) (Proposed Standard - IETF stream)
>>      rfc4217: Securing FTP with TLS (Proposed Standard - IETF stream)
>>      rfc4168: The Stream Control Transmission Protocol (SCTP) as a 
>> Transport for the Session Initiation Protocol (SIP) (Proposed Standard 
>> - IETF stream)
>>      rfc4162: Addition of SEED Cipher Suites to Transport Layer 
>> Security (TLS) (Proposed Standard - IETF stream)
>>      rfc4111: Security Framework for Provider-Provisioned Virtual 
>> Private Networks (PPVPNs) (Informational - IETF stream)
>>      rfc4097: Middlebox Communications (MIDCOM) Protocol Evaluation 
>> (Informational - IETF stream)
>>      rfc4097: Middlebox Communications (MIDCOM) Protocol Evaluation 
>> (Informational - IETF stream)
>>      rfc3983: Using the Internet Registry Information Service (IRIS) 
>> over the Blocks Extensible Exchange Protocol (BEEP) (Proposed Standard 
>> - IETF stream)
>>      rfc3943: Transport Layer Security (TLS) Protocol Compression 
>> Using Lempel-Ziv-Stac (LZS) (Informational - IETF stream)
>>      rfc3903: Session Initiation Protocol (SIP) Extension for Event 
>> State Publication (Proposed Standard - IETF stream)
>>      rfc6749: The OAuth 2.0 Authorization Framework (Proposed Standard 
>> - IETF stream)
>>      rfc3887: Message Tracking Query Protocol (Proposed Standard - 
>> IETF stream)
>>      rfc3871: Operational Security Requirements for Large Internet 
>> Service Provider (ISP) IP Network Infrastructure (Informational - IETF 
>> stream)
>>      rfc3871: Operational Security Requirements for Large Internet 
>> Service Provider (ISP) IP Network Infrastructure (Informational - IETF 
>> stream)
>>      rfc3856: A Presence Event Package for the Session Initiation 
>> Protocol (SIP) (Proposed Standard - IETF stream)
>>      rfc3767: Securely Available Credentials Protocol (Proposed 
>> Standard - IETF stream)
>>      rfc3749: Transport Layer Security Protocol Compression Methods 
>> (Proposed Standard - IETF stream)
>>      rfc3749: Transport Layer Security Protocol Compression Methods 
>> (Proposed Standard - IETF stream)
>>      rfc3656: The Mailbox Update (MUPDATE) Distributed Mailbox 
>> Database Protocol (Experimental - Independent Submission Editor stream)
>>      rfc3568: Known Content Network (CN) Request-Routing Mechanisms 
>> (Informational - IETF stream)
>>      rfc6750: The OAuth 2.0 Authorization Framework: Bearer Token 
>> Usage (Proposed Standard - IETF stream)
>>      rfc6750: The OAuth 2.0 Authorization Framework: Bearer Token 
>> Usage (Proposed Standard - IETF stream)
>>      rfc7030: Enrollment over Secure Transport (Proposed Standard - 
>> IETF stream)
>>      rfc7030: Enrollment over Secure Transport (Proposed Standard - 
>> IETF stream)
>>      rfc7465: Prohibiting RC4 Cipher Suites (Proposed Standard - IETF 
>> stream)
>>      rfc7465: Prohibiting RC4 Cipher Suites (Proposed Standard - IETF 
>> stream)
>>      rfc7507: TLS Fallback Signaling Cipher Suite Value (SCSV) for 
>> Preventing Protocol Downgrade Attacks (Proposed Standard - IETF stream)
>>      rfc7507: TLS Fallback Signaling Cipher Suite Value (SCSV) for 
>> Preventing Protocol Downgrade Attacks (Proposed Standard - IETF stream)
>>      rfc7562: Transport Layer Security (TLS) Authorization Using 
>> Digital Transmission Content Protection (DTCP) Certificates 
>> (Informational - Independent Submission Editor stream)
>>      rfc7562: Transport Layer Security (TLS) Authorization Using 
>> Digital Transmission Content Protection (DTCP) Certificates 
>> (Informational - Independent Submission Editor stream)
>>      rfc7568: Deprecating Secure Sockets Layer Version 3.0 (Proposed 
>> Standard - IETF stream)
>>      rfc7568: Deprecating Secure Sockets Layer Version 3.0 (Proposed 
>> Standard - IETF stream)
>>      rfc8422: Elliptic Curve Cryptography (ECC) Cipher Suites for 
>> Transport Layer Security (TLS) Versions 1.2 and Earlier (Proposed 
>> Standard - IETF stream)
>>      rfc8422: Elliptic Curve Cryptography (ECC) Cipher Suites for 
>> Transport Layer Security (TLS) Versions 1.2 and Earlier (Proposed 
>> Standard - IETF stream)
>>
>>
>>
>>
>> _______________________________________________
>> IETF-Announce mailing list
>> IETF-Announce@ietf.org
>> https://www.ietf.org/mailman/listinfo/ietf-announce
>> .
>>