Re: [TLS] [Iot-directorate] [Last-Call] Iotdir last call review of draft-ietf-tls-md5-sha1-deprecate-04

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Fri, 30 July 2021 09:08 UTC

Return-Path: <Hannes.Tschofenig@arm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C86F33A22C1; Fri, 30 Jul 2021 02:08:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=U32sc2P8; dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=U32sc2P8
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kVQO9tIywoXV; Fri, 30 Jul 2021 02:08:14 -0700 (PDT)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-eopbgr80050.outbound.protection.outlook.com [40.107.8.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 165BA3A22BC; Fri, 30 Jul 2021 02:08:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iyvCCrzmMqi1GJvQH0ST72d6k9G+UnBAKXATWYV4z7s=; b=U32sc2P8XebsaL+zZipQsHFJofXMagDmB8KwvXFH0l4suskJUCLUYKcKI4jo2ODytos2UgPEpKnmspDG7HZZyDQk+hmRtmfZmEQksBW1bsgFlKxVASQR006tDKdYpGxIp80myN/urvFgefNc6BGavJAWYMh3QMci+M6gQ17Dlsc=
Received: from DB7PR03CA0084.eurprd03.prod.outlook.com (2603:10a6:10:72::25) by DB6PR0802MB2454.eurprd08.prod.outlook.com (2603:10a6:4:9f::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4352.29; Fri, 30 Jul 2021 09:08:10 +0000
Received: from DB5EUR03FT006.eop-EUR03.prod.protection.outlook.com (2603:10a6:10:72:cafe::8e) by DB7PR03CA0084.outlook.office365.com (2603:10a6:10:72::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4373.17 via Frontend Transport; Fri, 30 Jul 2021 09:08:10 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=pass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by DB5EUR03FT006.mail.protection.outlook.com (10.152.20.106) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4373.18 via Frontend Transport; Fri, 30 Jul 2021 09:08:09 +0000
Received: ("Tessian outbound 69e1fde53269:v100"); Fri, 30 Jul 2021 09:08:09 +0000
X-CR-MTA-TID: 64aa7808
Received: from 8be1c9766208.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id E087BF51-4D7C-4E84-A21F-AC41AF713739.1; Fri, 30 Jul 2021 09:08:04 +0000
Received: from EUR02-AM5-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id 8be1c9766208.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Fri, 30 Jul 2021 09:08:04 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PuNGR2Z+NpmedS9YDjKs/PaHtJcS6OeCPCP035Zxbh+p1dHFPaICWFzHTSIt1EOmbdldWMo8DoLl8gPrbKkPMujXeY21EnVLADfqNdEdomZlelkaLw/imW1edtjeujtV3FRQggj3Ug5z0LwCVKHoHlFVDAz7L55jRxxFrMC0QV/CYDR600XvqKBpCtOxvMhWsHSlJ7G7h3Zahy7mZ//sXHdgwcsc55WkwqxNfgNB6k+gPq5wbhF6eYEiD3EvXQyFr8sn33Zc8dlNy1HD2FAX60qU3uIAbW9Uxl8brLVIpm8Hyowc3u0FJABBI6ZruWusMVVZngcvw3Zwj6o4es8raw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iyvCCrzmMqi1GJvQH0ST72d6k9G+UnBAKXATWYV4z7s=; b=R1rGm6oEyjfVgjkX/ORIpBMPgxYwzzQbY6921NSSHMVdTGxlONhzzRq9W5jy/yraJLQzsueuosfjUuINfMRiYAP1oAGFlztup7nc50YsFoHSRK3ZSX8zrzqrg4sGSlK6mdqj013tUXdu5QqyNoXqtFyeG6iSYHoGKv3ApZFOhcwSVvWbYjHi0qocJWJlNiADPqkNO5hxTxJbQGJb2dR3WqiLS73mfKaEfgn/2KCixjrb1fTY3a0oWkbOpnLy7a/CJ6Eyrz376K8ShlVb5GOJe/A5ck0uZEFyEYksvSYyda1es0CCg2cBgPa/hABvvm0vAgIp6cuDpp1O5mRwRVxlxA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iyvCCrzmMqi1GJvQH0ST72d6k9G+UnBAKXATWYV4z7s=; b=U32sc2P8XebsaL+zZipQsHFJofXMagDmB8KwvXFH0l4suskJUCLUYKcKI4jo2ODytos2UgPEpKnmspDG7HZZyDQk+hmRtmfZmEQksBW1bsgFlKxVASQR006tDKdYpGxIp80myN/urvFgefNc6BGavJAWYMh3QMci+M6gQ17Dlsc=
Received: from DBBPR08MB5915.eurprd08.prod.outlook.com (2603:10a6:10:20d::17) by DBBPR08MB5914.eurprd08.prod.outlook.com (2603:10a6:10:200::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4373.21; Fri, 30 Jul 2021 09:08:02 +0000
Received: from DBBPR08MB5915.eurprd08.prod.outlook.com ([fe80::55c7:8f34:351:9518]) by DBBPR08MB5915.eurprd08.prod.outlook.com ([fe80::55c7:8f34:351:9518%3]) with mapi id 15.20.4373.025; Fri, 30 Jul 2021 09:08:02 +0000
From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: Russ Housley <housley@vigilsec.com>, Sean Turner <sean@sn3rd.com>, IETF TLS <tls@ietf.org>
CC: "iot-directorate@ietf.org" <iot-directorate@ietf.org>, "draft-ietf-tls-md5-sha1-deprecate.all@ietf.org" <draft-ietf-tls-md5-sha1-deprecate.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>
Thread-Topic: [Iot-directorate] [TLS] [Last-Call] Iotdir last call review of draft-ietf-tls-md5-sha1-deprecate-04
Thread-Index: AQHXg/Edp7Wb64du20KnPDx/xO+AwatbOGhg
Date: Fri, 30 Jul 2021 09:08:02 +0000
Message-ID: <DBBPR08MB5915AE02B525DE00B05F9EBEFAEC9@DBBPR08MB5915.eurprd08.prod.outlook.com>
References: <160380837029.27888.4435196327617929302@ietfa.amsl.com> <9EA8797E-2487-4465-9608-6CCB6E565BEE@sn3rd.com> <CADZyTk=_WSrc+UfKmZ6b=HzmfEvitu1p6Q9N7GvkHUn3619dnw@mail.gmail.com> <CAOp4FwRyd7tAcbQJR3Td_N=SgdUionwvbXfva2_tnvXcvHWkvA@mail.gmail.com> <CADZyTknQhh=yNf2isOutZa1XKoHtk6dOvE6hgXni8JowsJm=eQ@mail.gmail.com> <C93021E9-3F50-4448-8659-EE6688C3A9E0@sn3rd.com> <C9D655C0-BD5E-4E52-BFF4-BD88D281B34B@sn3rd.com> <CADZyTknWs-kNp4EO39souKQwHsT=EAWOQ_E5Z4J77KFgudhhhg@mail.gmail.com> <CADZyTk=tgThJ7RJ_=K=gdDYcUWkhy0AjcLB_Nvf1=UEUBrzAUQ@mail.gmail.com> <32892AD4-EA0B-49F2-9CFD-FA9509FA3010@sn3rd.com> <A48DAF03-F2CB-4448-B9E8-6AE4ECB77565@vigilsec.com>
In-Reply-To: <A48DAF03-F2CB-4448-B9E8-6AE4ECB77565@vigilsec.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ts-tracking-id: 89F976062188354F82F071DDA95CA843.0
x-checkrecipientchecked: true
Authentication-Results-Original: vigilsec.com; dkim=none (message not signed) header.d=none; vigilsec.com; dmarc=none action=none header.from=arm.com;
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-Correlation-Id: 197d10b8-bd2b-4842-d79d-08d953398d5e
x-ms-traffictypediagnostic: DBBPR08MB5914:|DB6PR0802MB2454:
X-Microsoft-Antispam-PRVS: <DB6PR0802MB2454DD20E97B172B4D15C14CFAEC9@DB6PR0802MB2454.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
nodisclaimer: true
x-ms-oob-tlc-oobclassifiers: OLM:10000;OLM:10000;
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: lijCfuNQtcSsFXxvnXFnmw7RK1bBBhVUJe5v+UWvm1i/dcI/vLUTfv6H56Yu+G0GG8mQzvh94aZKnMHUByDPjzTksElCl0H78GuM90h+0yt5t5bRslPRjinD8MGoUXbtLgNYlfym2HUpkZEfx+/eaIfuuM/xfeENqnDD3Sr1kpgEmfww5SPq6bziWN9JnfEnIfpoQcjuT+FWt64fqbjkxRmeJ8Hfqj2kIufRIEBZYYgbAA0L68nQaNCtQqWFliXKwOm4fewbEMLMs87b7WV2MoL5aUl8cO/Mo9Uyw8z82GVYhPo9D+QqkfWaPeovi8JQCFCoZ02EiKPYdYvYyyurzEaLifR0jaH+1qKUwaEB27YGVRMSdEEmiKjHpFEQ7tQcwa3N7zOREHVZgVRqgG/DeIQrod4HjU9mw4UG4Kzej+Lzgp9m7bmTdGc4JbX9mznhhRVWXUw01ya1p+dOv902aekhcFqdgHKGUhQ8SnQjUH3kFx12wdWh6dybW8SGnn1uZ0xTsn+/sFTB4os/mJOZENEwge3wzo59QjrhTg65lvOJ0WOBwnrh+pQLH5+zHBNT96n8lM/zMfkrL23gPP7Ylnw12cSq59PCKkDBAkIuVvW/hvxr6DAa2/zwu5+L+e8bTqVPL2stGpG2YmKzFYUr2a4HazMmNwhTF8JunQYLwSsoLrPZ3TUtQTXi55mx03rWtpdsCQxalKWRMj0h7OAiEgnzUv/F1Ow1nDuAVedRah2hBYNrSQDk7MAi3GLli8X53HnJvPCwNPR79Z5s32C+S73zwvKKu+XqX35sn5HANM2a0kvO5U0tQ/dFFNHll7JF2eYT5wJhT26sv+FnE3Iunw==
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DBBPR08MB5915.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(376002)(396003)(39860400002)(136003)(366004)(8936002)(966005)(26005)(33656002)(4326008)(83380400001)(316002)(110136005)(66574015)(54906003)(478600001)(122000001)(186003)(55016002)(38100700002)(66476007)(64756008)(66446008)(66556008)(52536014)(76116006)(66946007)(7696005)(8676002)(53546011)(5660300002)(38070700005)(86362001)(6506007)(2906002)(9686003)(71200400001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?utf-8?B?TzRIdUtjM1E3WjRPSXpmdmQwVDNsajF1enhFUjBmVFh3OTl3cm8zaDRrYVlG?= =?utf-8?B?N0pobngyQ3ZuOXNrZ2w1a3NmK254UjJUalhZdUk2YmpSdGhKS0twUlg2dC9U?= =?utf-8?B?eGlwMFY0RU16ei9lZkF4Z2g4ek9wdW1Ub0hXWDJRSDNtMll3UzAvcVcvTzVh?= =?utf-8?B?Ym80bE50SXNLNS9hd0pkRVdSVjA1NWpUcUtjNWxmRWVvYi9LZGQzQ0haNjhW?= =?utf-8?B?U0ptUGZGUXlmeVU5dnc3SjBWR0I4NjRYVWIwWURSZVZNak9kVXJBQWhMVU5N?= =?utf-8?B?aTlJWVBaNWNhT0FTOGRwR1ZKaW81TFlNYXArYjMyNkUyRnFSU2RZUGhtL3F2?= =?utf-8?B?Wi93MHRjT21Fd2tNZTdFTTFOWDBCb3NXbFh6M2NlbUFLUlcwVU5LK3BEMCti?= =?utf-8?B?cXdhS1JNeHJIc0cveGpPbXhjOEVjSmpubExLVXRWZ0d3dll3TEhlUzJCYnhs?= =?utf-8?B?VnhWYmNhQmhEQ2dCaTlDVTBWNjRPclZmN1h3Z0JKQkdqUXlHT1c0K3N4bDd5?= =?utf-8?B?QlFLY2RkdzFTOUdmeFA5dGpGRURSd0RVa1FnTmhuV1NPUndoTTBPajZiMUww?= =?utf-8?B?eWlOcUhmZzNSb3N3RUQxRkpkcDFYVEtvclY3bjZaSjZVYlFrODNKcGFHR25q?= =?utf-8?B?aVFzajRuTTErUWVwWi9Uc0ZXdTNWLzZmSkFsbHlPQ1pHVVd4cGdhVURQVVZV?= =?utf-8?B?QmFRUnkzMVRQbU0zUU5POUQ5OExmc2JIM0paSlhpUTVOVFRUaDZjNCs1Tk8y?= =?utf-8?B?QXo0TmhhTXhlU1F0bUxNVkNMejZ5K0ZkSmpJUTVSR29tMnhucDFBQWVJdUov?= =?utf-8?B?eW55UEpGWFVqcTlPQVhYUzh6bFFBQW8xOWJUeFNWS0tmVW80eG1qVFhCZXZs?= =?utf-8?B?WUcvZlFTemQ4WGpTV3l5VnAzc2VlZ2pUTzFYc2lZaU4vVlJiYzFSSFRHZVY2?= =?utf-8?B?c0Nqb2FybkxGZmppY01Bd0xyc0ZFK1c3cThqN2JZalBYeUdCR2p1NlZhYlcw?= =?utf-8?B?aU1qczgxaDdGcFpLdDQwMWRhZ0w0QnBMQVlrQkI0eEVydnRCZFBZN2pHMjdt?= =?utf-8?B?NUNXa0VRK1NGRDE5M0kyc1BhcGhRV0lWbW9wNTRNdU5KVms5TlZtNGtNUTBv?= =?utf-8?B?bXRzK0NvSlBDYlp3ZjVCdlI0VVB1KzgxbTRZK1hQVG9wQXFLZGxjMmxoT2VZ?= =?utf-8?B?RUhybWx1cXQxejVrdWZ4di9HRUNqN3IyY2VYUlg2UmlZQXcwd3NYcU1QNVV4?= =?utf-8?B?SkE0UlhpSlNUTEIwRjc0OWRYUTVVV1Nya1pWMVVCRWkrVTNzTW1SeFJvYkR0?= =?utf-8?B?amZQVUVHK1VPT2N6TFViNUtnZTJGN3Z4Ym0yeW9SOHNkWUhvL3FXaXRURi9J?= =?utf-8?B?ZVhBWjU0VVRjRERNaG5EcWZRdmZxcUdpcU45SElGYS85RkRBL0hVRDJEc3ZO?= =?utf-8?B?dXdMUldVY2RjcFZTUktRUDFhQTN3RE9NbExNZ3grVjdnNTBSVXJMYzJrVWRN?= =?utf-8?B?WDVGTC96dDhnSE5xNjl0T1NSK2dnL0dtdXJtZ3pKTXNZQXNLcmNLRnl4bG80?= =?utf-8?B?WWZoNUl3dVQ4UzZyT1dwR1FNQk9ITGZDMVRQTFE4OFU5L1BWZ2RiSCtjYWhP?= =?utf-8?B?eWNWc0x5Tk9TUDhLZVlhU2svSi8xTTI2T0JhcGhPeEZWYkVjSmhSYXVQNGVG?= =?utf-8?B?WVNlcWpFRDJCdmN2cnJ5Wk1VOWJsKzVVZ3dBM2F3clVDWTdRYStmdDBMcEpF?= =?utf-8?Q?eLx70ARfiDFLBL0C/OqMjI1e9VwPY/BapJAVQOD?=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBBPR08MB5914
Original-Authentication-Results: vigilsec.com; dkim=none (message not signed) header.d=none; vigilsec.com; dmarc=none action=none header.from=arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: DB5EUR03FT006.eop-EUR03.prod.protection.outlook.com
X-MS-Office365-Filtering-Correlation-Id-Prvs: b00c4981-afbc-4c8d-52f7-08d95339890b
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: y6ockedJdshqz1RVDyqQ3ahaCnKzx4Ky3CN90ekNLngSg0hrd+tXWF0WN0/yKUfqie6LuDrg/EAp/9Lb2bIktaiDuMhfYb9tHP3chahRMGYZMMk608ZPZ/afw3ayOZSeA1LWfRjJYjSp9HLhknJdL0gTgqnB1W9So5hSjfVPs4EbkcSFA2VOWonCGzyTf9v0vyYmGrurRQwvmaVJhot1gIQGEiAby0Cs2JACqB6ZQfkPN76f0anqH8nUrYG3ex1HVATis3wnm6SWV2R+hAdmK5MR/OnAzEYJYUeA1421OSI3Uz5BO/gfIq2J8/gA9kX5jGWxBngM2vAG5lEBcJNUZimGL7Ps14XgodF3fqqJTJ+oGq0cLM25ilrZ+0Rm7m/c5h9PUM83MBalIuuD88fKIGgnOA/81bjQ9TgJZYUQQu3kazI0JUNMnimUBsXkzb9zdTvPtjmWtcNkv82HtaB/8sqE7KR53g7AlWlE/pcFDX2r1O4xQdRwJDndlG/6jR/5hp+Gdko9ZY9/yUjIc7OI4d/5C07vDJmL3J0qW6Jd+OOPOOfFm52mpVu1bdAMSJXr9vrhqLLwDHGAaP/IlNi1ZyCU3FEyGR9D69zP9N/rcDt4MtwLcsQGDS9Ges0834dsCV5vR9/LHpME5ZUbTBlje2s6N9wFiI4qPy7uUftoHOij1UG/OeoAcQHYfClf+8Y3zg6V35znfR8pCJixWHiSy/PdaCgUP7ZiV5sHe+TyGa2dUV5V/Okle1cLOxktMsICfVGp0HuS8WxXp69JncOParK03q9fUf5Eq3DtOyDg7pXMbpn1EbEa0RcDbkwhLgW5
X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFS:(4636009)(36840700001)(46966006)(316002)(81166007)(66574015)(6506007)(53546011)(86362001)(8936002)(47076005)(508600001)(54906003)(5660300002)(110136005)(2906002)(52536014)(26005)(70206006)(83380400001)(33656002)(70586007)(186003)(336012)(36860700001)(55016002)(9686003)(966005)(4326008)(450100002)(8676002)(82310400003)(356005)(7696005); DIR:OUT; SFP:1101;
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Jul 2021 09:08:09.9500 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 197d10b8-bd2b-4842-d79d-08d953398d5e
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-AuthSource: DB5EUR03FT006.eop-EUR03.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0802MB2454
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/mfkdNkarRu35bx154aFx_Ko92ao>
Subject: Re: [TLS] [Iot-directorate] [Last-Call] Iotdir last call review of draft-ietf-tls-md5-sha1-deprecate-04
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Jul 2021 09:08:19 -0000

I have no problem with the suggestion.

A few other observations:

1. FWIW: The reference to [Wang] is incomplete.

2. The references to the other papers use the websites of the authors or project websites. I would use more stable references.

3. Kathleen's affiliation is also outdated.

4. Is the update to RFC 7525 relevant given that there is an update of RFC 7525 in progress (see https://datatracker.ietf.org/doc/html/draft-ietf-uta-rfc7525bis-01) and even near completion?

5. The title of the draft gives the impression that this update only refers to TLS 1.2 but later in the draft DTLS is also included via the reference to RFC 7525. Should the title be changed to "Deprecating MD5 and SHA-1 signature hashes in TLS/DTLS 1.2"?

Ciao
Hannes

-----Original Message-----
From: Iot-directorate <iot-directorate-bounces@ietf.org> On Behalf Of Russ Housley
Sent: Wednesday, July 28, 2021 10:34 PM
To: Sean Turner <sean@sn3rd.com>om>; IETF TLS <tls@ietf.org>
Cc: iot-directorate@ietf.org; draft-ietf-tls-md5-sha1-deprecate.all@ietf.org; last-call@ietf.org
Subject: Re: [Iot-directorate] [TLS] [Last-Call] Iotdir last call review of draft-ietf-tls-md5-sha1-deprecate-04

>   In Section 7.1.4.1: the following text is removed:

     If the client supports only the default hash and signature algorithms
     (listed in this section), it MAY omit the signature_algorithms
     extension.

>   Since it’s a MAY, I am a-okay with deleting. Anybody else see harm?

I don't see any harm.

Russ

--
Iot-directorate mailing list
Iot-directorate@ietf.org
https://www.ietf.org/mailman/listinfo/iot-directorate
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.