Re: [TLS] Fwd: New Version Notification for draft-moriarty-tls-oldversions-diediedie-00.txt

[Stephen Farrell <stephen.farrell@cs.tcd.ie>]

Hiya,

Thanks for reading the draft!

On 19/08/18 00:45, Artyom Gavrichenkov wrote:
> On Mon, Jul 9, 2018 at 7:42 PM Kathleen Moriarty
> <kathleen.moriarty.ietf@gmail.com> wrote:
>> Stephen and I posted the draft below to see if the TLS working group
>> is ready to take steps to deprecate TLSv1.0 and TLSv1.1.  There has
>> been a recent drop off in usage for web applications due to the PCI
>> Council recommendation to move off TLSv1.0, with a recommendation to
>> go to TLSv1.2 by June 30th.
> 
> Err, sorry, but – to make it one hundred per cent correct – it seems
> like PCI SSC has just deprecated TLS v1.0 _only_.
> 
> "Migrating from SSL and Early TLS", version 1.1:
> "The best response is to disable SSL entirely and migrate to a more
> modern encryption protocol, which at the time of publication is a
> minimum of TLS v1.1"
> https://www.pcisecuritystandards.org/documents/Migrating-from-SSL-Early-TLS-Info-Supp-v1_1.pdf
> 
> draft-moriarty-diediedie also mentions PCI SSC requirements. Do I get
> anything wrong here?

Well, two comments:

1. The bit you quote above is incomplete, the full paragraph says
"The best response is to disable SSL entirely and migrate to a more
modern encryption protocol, which at the time of publication is a
minimum of TLS v1.1, although entities are strongly encouraged to
consider TLS v1.2.  Note that not all implementations of TLS v1.1
are considered secure – refer to NIST SP 800-52 rev 1 for guidance
on secure TLS configurations." So there's already a strong hint
in PCI-land to GOTO TLSv1.2+.

2. Use of TLSv1.1 seems to be almost non-existent. See the figures
in the -01 draft for some detail, (and more data is always welcome).
It seems like there's more already-deprecated SSL than there is
TLSv1.1 which I think means that this is really a non-issue.

I guess there could be a formal but theoretical problem resulting
from this, but OTOH, if (or when) the IETF finished an RFC based
on this draft deprecating these legacy versions then PCI folks can
catch up, and without that affecting pretty much anyone, so I'd say,
in this case, it's likely ok to just ignore this slight discrepancy.
But if you've some text change to suggest that'd handle it better,
that'd be great to see.

Cheers,
S.


> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>