Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

"Ackermann, Michael" <MAckermann@bcbsm.com> Thu, 03 December 2020 22:39 UTC

Return-Path: <mackermann@bcbsm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4762B3A0DDB for <tls@ietfa.amsl.com>; Thu, 3 Dec 2020 14:39:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.734
X-Spam-Level:
X-Spam-Status: No, score=-3.734 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); domainkeys=pass (1024-bit key) header.from=MAckermann@bcbsm.com header.d=bcbsm.com; dkim=pass (1024-bit key) header.d=bcbsm.com header.b=f6dhsJHD; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=bcbsm.onmicrosoft.com header.b=bDsA2WZu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HYeTEaEymZsk for <tls@ietfa.amsl.com>; Thu, 3 Dec 2020 14:39:39 -0800 (PST)
Received: from mx.z120.zixworks.com (bcbsm.zixworks.com [199.30.235.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 812953A0DD9 for <tls@ietf.org>; Thu, 3 Dec 2020 14:39:39 -0800 (PST)
Received: from 127.0.0.1 (ZixVPM [127.0.0.1]) by Outbound.z120.zixworks.com (Proprietary) with SMTP id 36E66C0E78 for <tls@ietf.org>; Thu, 3 Dec 2020 16:21:01 -0600 (CST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=ZIXVPM1670e2ded26; d=bcbsm.com; h=From:To:Subject:Date; b=GYP6U+jLuXmTaoO738nq9HEnZXiv3bkWKYjohCw91AAZLmlfUubwpl6OuuQ7Dt1J E+jg9+sjsoovoHdFJoYwTSyTd7b4ssJ4XeeLAb8bJpWGTQL0jJUb8anh6NxwL3 e6FSTaFs9a8j69uQB8jXceVLohwMcRlUVMHFlkcrkBwJw=;
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bcbsm.com; s=ZIXVPM1670e2ded26; t=1607034061; bh=DKyDJoiu1bYreExDBCT+nEIfFqg4mhGASpZm1ZjIfRA=; h=From:To:Subject:Date; b=f6dhsJHDAO+NvKLqnWs3WmGiLo1ug6LINrcCjH4x+wQ1JMJ3D5C6APYeb/Y9hUGTx ++/SSijtHkTv+Irt9HYMWH0u5sXfQprrVyUSFAdK7g8FcBJhKTGEekJBTdmxWgzxxM 87+zT3Jy64Quv6159vQT19QHRpphG/Au33jeFJZc=
Received: from imsva2.bcbsm.com (inetmta04.bcbsm.com [12.107.172.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.z120.zixworks.com (Proprietary) with ESMTPS id 11B0EC0E6B; Thu, 3 Dec 2020 16:20:59 -0600 (CST)
Received: from imsva2.bcbsm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id B506CFE08E; Thu, 3 Dec 2020 17:20:58 -0500 (EST)
Received: from imsva2.bcbsm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 8B891FE085; Thu, 3 Dec 2020 17:20:58 -0500 (EST)
Received: from NAM04-DM6-obe.outbound.protection.outlook.com (unknown [104.47.73.49]) by imsva2.bcbsm.com (Postfix) with ESMTPS; Thu, 3 Dec 2020 17:20:58 -0500 (EST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Bs7/XCwlFOSakcmmMzraO68egtPLADvKjbNzv72VhufCAA8WUWo93zvnREI5TioCzoumeRv9rNnt4mJuQsSQD0+CjTfnX+gdFa5jDaVFYgalSDuNKJiK4ae1F0c0HOCsHXR2pKp1QtgfGwllLpGQ3udejhOJ5jd4FfKyLXSR+ttm5tE7HF1QGPh+esTa5h/dje+Vgf//skyKqM0ns3MwJGp51ntdE4progl/Ck2QZpCGqRZuPKPKmk2WluK1ZaKGtgzdmlbgRwfQX4JCrq5FVKeqC/eO2qHErHAsgylcPRTctFoIGoiOG26uTfVJ5szwTuLW5Ll1SZzEybnLnKSl/Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Nx+ZcSo6PDH0QeVlooWd3CI83GQFsBIflP/K5pQ64OQ=; b=OWP1GYRpADrBVP7AgQwjoB1a+Hb6UMIIofvFKTnE5Blk8hL/LF7q0PQ/pdXB6N3RpY9AU2qUzw2B+tOHNryehdn0U5WwvLqlOHph3eFSKZxOgDhwSIyv8e0Qfw1oSsmrvYwG9wahJgZucSr1pZ2gBigFqhPMhj9uy9iTxQCI8Or9qarUntVjJhifQ5BuWcAKdPSWPhPvMx5IZeVJ/lUnXUwrbSWgTNWmaIrXQm8YvMgYulNwlA1gs9EkYnzxN1a7tBdxUnRGT1yMEeDaXvzchE1RaTU+2Dbn05tZglTruoKPxiT/QSHw9MnHTrpmbirDbYK0jdaNSBb6nguMcSF/Fw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=bcbsm.com; dmarc=pass action=none header.from=bcbsm.com; dkim=pass header.d=bcbsm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bcbsm.onmicrosoft.com; s=selector2-bcbsm-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Nx+ZcSo6PDH0QeVlooWd3CI83GQFsBIflP/K5pQ64OQ=; b=bDsA2WZuI9fD9X2fd+tt2ayVmHmlsLLguFtveptOAVq/i9KPVRkh7AWOS8QbKwzj/lP+DCY3dCCoLeri5heAuYzh5hYorOn9ulfwXLQgDEdcaGcfdbs/piT/ziy+a0tHVkgH8Z+zMypgbEj+rh9htZ2NnW8TyMbM/ingJgUSfEs=
Received: from DM6PR14MB3178.namprd14.prod.outlook.com (2603:10b6:5:118::30) by DM6PR14MB2153.namprd14.prod.outlook.com (2603:10b6:5:b0::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3611.24; Thu, 3 Dec 2020 22:20:57 +0000
Received: from DM6PR14MB3178.namprd14.prod.outlook.com ([fe80::51c:67e0:e24e:d676]) by DM6PR14MB3178.namprd14.prod.outlook.com ([fe80::51c:67e0:e24e:d676%6]) with mapi id 15.20.3632.019; Thu, 3 Dec 2020 22:20:57 +0000
From: "Ackermann, Michael" <MAckermann@bcbsm.com>
To: "STARK, BARBARA H" <bs7652@att.com>, 'Watson Ladd' <watsonbladd@gmail.com>
CC: 'Eliot Lear' <lear=40cisco.com@dmarc.ietf.org>, 'Peter Gutmann' <pgut001@cs.auckland.ac.nz>, "'draft-ietf-tls-oldversions-deprecate@ietf.org'" <draft-ietf-tls-oldversions-deprecate@ietf.org>, "'last-call@ietf.org'" <last-call@ietf.org>, "'tls@ietf.org'" <tls@ietf.org>, "'tls-chairs@ietf.org'" <tls-chairs@ietf.org>
Thread-Topic: [TLS] [Last-Call] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice
Thread-Index: AQHWx3wfv3qMkbrqc0yfLCitcBgXEanh+dWAgABeAQCAAAivgIABQK+AgAACzACAAEA48IAAGsEAgAAI90CAACFqgIAACI3wgAFPkACAABvEgIAAC2CQ
Date: Thu, 3 Dec 2020 22:20:52 +0000
Deferred-Delivery: Thu, 3 Dec 2020 22:20:00 +0000
Message-ID: <DM6PR14MB3178A08C84E01A8DCB0711A0D7F20@DM6PR14MB3178.namprd14.prod.outlook.com>
References: <160496076356.8063.5138064792555453422@ietfa.amsl.com> <49d045a3-db46-3250-9587-c4680ba386ed@network-heretics.com> <b5314e17-645a-22ea-3ce9-78f208630ae1@cs.tcd.ie> <1606782600388.62069@cs.auckland.ac.nz> <0b72b2aa-73b6-1916-87be-d83e9d0ebd09@cs.tcd.ie> <1606814941532.76373@cs.auckland.ac.nz> <36C74BF4-FF8A-4E79-B4C8-8A03BEE94FCE@cisco.com> <SN6PR02MB4512D55EC7F4EB00F5338631C3F40@SN6PR02MB4512.namprd02.prod.outlook.com> <1606905858825.10547@cs.auckland.ac.nz> <EEFAB41B-1307-4596-8A2E-11BF8C1A2330@cisco.com> <BYAPR14MB31763782200348F502A70DA4D7F30@BYAPR14MB3176.namprd14.prod.outlook.com> <SN6PR02MB4512B95842251AE4C04B199CC3F30@SN6PR02MB4512.namprd02.prod.outlook.com> <BYAPR14MB31765FD24F4DFD90F81AEE2BD7F30@BYAPR14MB3176.namprd14.prod.outlook.com> <SN6PR02MB4512CBA9E4BF6AAC778BC674C3F30@SN6PR02MB4512.namprd02.prod.outlook.com> <DM6PR14MB31789349B737961728B7691ED7F30@DM6PR14MB3178.namprd14.prod.outlook.com> <CACsn0ckvoqZ5-JPRkOXp2Mw2zeTOdyCYLvX1NV1waJ-yidTwMQ@mail.gmail.com> <SN6PR02MB45129E647485BA5794D5CF4EC3F20@SN6PR02MB4512.namprd02.prod.outlook.com>
In-Reply-To: <SN6PR02MB45129E647485BA5794D5CF4EC3F20@SN6PR02MB4512.namprd02.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: att.com; dkim=none (message not signed) header.d=none;att.com; dmarc=none action=none header.from=bcbsm.com;
x-originating-ip: [165.225.0.109]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 223daa7b-51f4-4b2c-6671-08d897d9b50f
x-ms-traffictypediagnostic: DM6PR14MB2153:
x-microsoft-antispam-prvs: <DM6PR14MB21537C77445A3244BCDB192CD7F20@DM6PR14MB2153.namprd14.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 6K8rWtCsaXs+7AFCGiAlumavbKVansYRj2kNSTaR70dWTfEihR2IzmIZ+pxLI/LIYctHoNJzolPVEWzQiBh5OInWMl/sHcOyB4+qztipz4hDdysFHX5i3TMqZ8CD7yFO8dg7xA8M6mpRDbgJwJO2DPKAhVfin1fSIPwd6201l89g9KvRSiqo5pv/FAV3pQYDyc2OTH7uEhqjNgHQpYzJOihb1VE44XPFZPO6zgz5y4DubWCtztCJwA6BT4FMlsUgHlhocdnFluMmjaWGR/+Rk6KMfxvVv7Zsi0qNHc3fKn4NYB1rybeyUHC3zFId5IJwrecHT7YQKZEZy6OLzJlKXg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR14MB3178.namprd14.prod.outlook.com; PTR:; CAT:NONE; SFS:(376002)(136003)(366004)(39860400002)(396003)(346002)(6666004)(54906003)(110136005)(33656002)(5660300002)(83380400001)(6506007)(9686003)(76116006)(26005)(8936002)(316002)(55236004)(52536014)(66476007)(66556008)(64756008)(66446008)(66946007)(53546011)(2906002)(8676002)(71200400001)(4326008)(478600001)(186003)(55016002)(7696005)(86362001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: =?us-ascii?Q?83CFlAdDLWZthMpfIcUKA247cm4kMHZShaaoVSjL03ehVjYI62UZTcuEQ6Li?= =?us-ascii?Q?PWxLYif4UpCzv2wmguc1k8GNhupyUtMPpOMzRoAixvjO1sFSZWoGb0+dnn4a?= =?us-ascii?Q?ufKklpjiZ+xThrL4yim8bFh41q9DRpCHB/2XTv8iEcPbxocNVXSkmAP2fB2s?= =?us-ascii?Q?Oy0SC3ctnePTZ06vW1wo4Z0NNulI7Qf0BDMinQt1yC+K+FXaWN+cp8gHbtYA?= =?us-ascii?Q?PmqzuYNSz2tGmCCweHqlmem2hS3ES9V0dHGSpMQq6254PhhEwEF6HdYsgbfK?= =?us-ascii?Q?VM21oOhxvQMYAlFzBWoJvRjoCFyMIUw4x0+xi3CGexYRDcOhp6M+N5UEu66u?= =?us-ascii?Q?8pKjAJIxDxfU4lfL2vznuDmgWxbEGrsyTiDqFu/WK3g9dSXEytRc/d6gqfD7?= =?us-ascii?Q?E30pIJtUoZY0EUI+wVrMNwsduBlkZUh0+oCeUeDOQGoAetQiRpKew8GGiRKf?= =?us-ascii?Q?XndqtmMyWaU+Ofu7WaCZ9F4jDT8G6ZyZHcHyQYebw1VdDH6ou3lFWUy2mF1+?= =?us-ascii?Q?Oum0ucLjXL0/mnR+RJRx9gcgqE5AZ8NBWUPnWXq/xiPdFHoQAD4Vv9NoH5IG?= =?us-ascii?Q?9xXbMEn7RekICDsxoXfFPmuSv3r17u4kieInvjByXc0nwyxa2aoMS0MhTCHk?= =?us-ascii?Q?/ks326BkR0hk4RoDO+RA1VUlJbqeBUMoJHGzEmUba21+IxXkcXVEAG/ZDQMo?= =?us-ascii?Q?JmUXvY5okf2LHa/KAzre0kKMwzfrg8CFqoJ+RStqNLimADETdclE4rgqRZLJ?= =?us-ascii?Q?D9DTVU0Cr5vVsWADchd34QltjEkDTrbuPRtC6C1NE0bhhen+y/0N9hvJsF06?= =?us-ascii?Q?o/4DZySlc5+rEEfNklCPz8pt0D3Yf2oXfKDbI1tIcZj1TJmUQUkmag2TjjcO?= =?us-ascii?Q?AVYwo3CrMugBxAbSE8qxN+SLAywQjmWbE7kHKO8CJ0+VJXdKPE6TMVyazRQX?= =?us-ascii?Q?TObkAAILYqEfIiJY9bSGjB7iQd4MmsqMSV0sJYb0vceaAAjeVYosfrJ8KHJt?= =?us-ascii?Q?qX1x?=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: bcbsm.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR14MB3178.namprd14.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 223daa7b-51f4-4b2c-6671-08d897d9b50f
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Dec 2020 22:20:57.3428 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 6f56d3fa-5682-4261-b169-bc0d615da17c
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: RpFJmmVIFBf99pFTU4lJ+FZYUo986udLVsGTrsyIawM3rciyE/sf8nC7WDlrjbOSA2Lkxc638mGNJAOuDURMeA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR14MB2153
X-TM-AS-GCONF: 00
X-VPM-HOST: vmvpm02.z120.zixworks.com
X-VPM-GROUP-ID: e4506a59-d834-4da2-bc76-d4ae6476dff2
X-VPM-MSG-ID: 25f558a3-fe5f-41fb-aee6-0a1cad087fb5
X-VPM-ENC-REGIME: Plaintext
X-VPM-IS-HYBRID: 0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/vfZQq48qocyLAM-r0v2AHNKHPqI>
Subject: Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Dec 2020 22:39:41 -0000

Sorry for the delay in responding.   Tough day at the ranch.   Just getting caught up now (or trying).  

Barbara, thanks for your response on my behalf and you are correct, I am not making any recommended content changes to the draft at all, and I am not arguing against the current text, as Watson seemed to suggest.  
I am also not suggesting that because something is inconvenient for me or other Enterprises, that the problem should not be acknowledged, as Watson stated.  In fact, it is because I will need to acknowledge and deal with related problems, that I am very interested in this topic.     And finally Watson seems to infer that I am advocating  "continuing to ignore the RFC series".    This could not be further from the truth.   Trying to get enterprises more aware of RFC developments is the primary reason I continue participate in IETF.       I strive long for a situation where enterprises are as aware, informed and compliant as possible and if their needs are factored, this becomes more achievable.  

What I actually was saying,  was a response to previous discourse in this list topic,  that was questioning why a TLS conversion might be difficult or time consuming for Enterprises, from someone on the inside of such situations.   The enterprise perspective is not usually considered or understood at IETF, and this was an attempt to highlight and attempt to encourage, the "Bridging of that gap".   My extended point was that this lack of understanding/communication, between Enterprises and IETF, is not unique to this list topic issue.   I believe this would be in the best interests of all to address and improve this, both on this topic and globally.       I want to work towards that wherever and however I can.   

Finally I agree with Barbara that those of us who may care to care to constructively address & improve the more global aspects of Enterprise/IETF interaction, should do so off this list & subject chain.        I am not aware of the "bungie jumping off the Macau Tower" aspects of the other list, so if there is a smaller and/or less painful start to this, I am all for whatever you suggest. 

Thanks

Mike


Your argument against the current text seems to be the following: we 
> have a problem. It is inconvenient for me that you will ask me to deal 
> with the problem. Therefore I would like the problem to not be 
> acknowledged.

-----Original Message-----
From: STARK, BARBARA H <bs7652@att.com> 
Sent: Thursday, December 3, 2020 12:03 PM
To: 'Watson Ladd' <watsonbladd@gmail.com>om>; Ackermann, Michael <MAckermann@bcbsm.com>
Cc: 'Eliot Lear' <lear=40cisco.com@dmarc.ietf.org>rg>; 'Peter Gutmann' <pgut001@cs.auckland.ac.nz>nz>; 'draft-ietf-tls-oldversions-deprecate@ietf.org' <draft-ietf-tls-oldversions-deprecate@ietf.org>rg>; 'last-call@ietf.org' <last-call@ietf.org>rg>; 'tls@ietf.org' <tls@ietf.org>rg>; 'tls-chairs@ietf.org' <tls-chairs@ietf.org>
Subject: RE: [TLS] [Last-Call] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

[External email]


Ow! Mike is my friend. Don't go dissing my friend!

I think the problem in communication we've just experienced is because Mike strayed away from Last Call discussion on a specific document, to asking/discussing a more general question of how IETF can better communicate with enterprises and perhaps even engage with enterprises to make it easier to operationalize protocols inside enterprise networks. I didn't see Mike suggesting any changes to the draft in Last Call, relevant to this question. ?

I'd like to suggest that maybe we could discuss this a little more on the ietf list? But not here.
I'll see what happens if I start a thread over there (ietf@ietf.org) ...
Barbara

[Let me drum up my courage first. Thinking about posting to that list is much more stressful to me than, for example, thinking about bungie jumping off the Macau Tower -- an experience I highly recommend.]

> > Barbara,
> > Thanks.
> > And I think I was aware of all you state below regarding TLS, and 
> > apologize
> for any related confusion regarding IPv6, even though, for the 
> purposes of my comment, they are similar.
> >
> >
> > I don't disagree with anything you say on the TLS subject,  which is
> essentially that prior versions of TLS may be considered insecure, 
> etc.  and should be deprecated.....
>
> Shouldn't we publish a document saying that? It seems this would 
> represent consensus, even your view of the issue.
>
> >
> > My associated point is that Enterprises are generally not aware of 
> > this and
> that it is not currently on our Planning or Budget Radars.
>
>
> TLS 1.2 has been around for how many years? All versions of OpenSSL 
> without support have been EOL for some time. How many other CVE remain 
> to be found in them? FIPS, PCI etc are all very clear that old TLS is 
> going away. Browsers have supported TLS 1.2 for years. So has Windows.
> This depreciation should be easy given the extent of support for TLS 
> 1.2.
>
> I bet that most services you run are already using TLS 1.2 or even 1.3 
> because the client and server have been updated.
>
> > Further, this means we are potentially years from effectively and
> operationally addressing such issues.
>
> Let's be about it.
>
> >    And we must do so in conjunction with Partners, Clouds, Clients 
> > and
> others.
> > And my general, overall point is that the answer to addressing the 
> > above is
> to find way(s) of making Enterprises aware and possibly assisting with
> methods of addressing.     I think I also said this  problem is not unique to TLS
> or IPv6.      More, it is a lack of understanding of how things work within
> Enterprise Networks and the lack of Enterprise engagement in Standards 
> Development processes.
> > And finally, this may not be a gap that the IETF should care about 
> > or
> address, but someone should, IMHO.
>
> Your argument against the current text seems to be the following: we 
> have a problem. It is inconvenient for me that you will ask me to deal 
> with the problem. Therefore I would like the problem to not be 
> acknowledged.
>
> Perhaps I am being too uncharitable. But I fail to see how softening 
> the language eases depreciation, or what the consequence you fear 
> happening are. You're free to continue ignoring the RFC series. But 
> reality does not go away if it is ignored.
>
> Sincerely,
> Watson Ladd
>
> >
> > Thanks
> >
> > Mike


The information contained in this communication is highly confidential and is intended solely for the use of the individual(s) to whom this communication is directed. If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distribution of this information is prohibited. Please notify the sender, by electronic mail or telephone, of any unintended receipt and delete the original message without making any copies.
 
 Blue Cross Blue Shield of Michigan and Blue Care Network of Michigan are nonprofit corporations and independent licensees of the Blue Cross and Blue Shield Association.