Re: [TLS] AD review of draft-ietf-tls-oldversions-deprecate-06

"Salz, Rich" <rsalz@akamai.com> Tue, 13 October 2020 21:08 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: Michael D'Errico <mike-list@pobox.com>, TLS List <tls@ietf.org>
CC: "draft-ietf-tls-oldversions-deprecate.all@ietf.org" <draft-ietf-tls-oldversions-deprecate.all@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/zoxtjl8sfUKfDo4SaU5vIU-jzdo>

> Recommending that people wholesale abandon
> their legacy system and implement TLS (1.2 and)
> 1.3 is asking too much, and will largely be ignored
> by the people who would be able to add 1.1 to their
> 1.0 code.

The folks you have to convince aren't just the IETF, but rather groups like the payment card industry (PCI-DSS), and NIST which deprecated 1.0 and 1.1 before the IETF did.  No doubt there are others.  And then you have to convince the browsers.