Hi Tom, WG,

I was about to send a note to the WG but you beat me to it. You made a
valid point regarding TLS 1.3. But I suggest a different approach.

RFC 8253 states that TLS v1.2 or "later" is supported for PCEP. IMHO, a
draft fixing the issues with TLS 1.3 for PCEPS is a much better idea than
saying no TLS 1.3. Sean, Russ and I published -
https://www.ietf.org/id/draft-dhody-pce-pceps-tls13-00.html. Note that a
similar effort is also being made in NetConf WG.

Coming to the PCEP-YANG, I plan to add a section in the draft that would
talk about how to enable TLS 1.2 and TLS 1.3 for PCEP. Thoughts?

Thanks!
Dhruv (co-author hat on, co-chair hat off)
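As an added illustration of the two points in play here (bounding the negotiable TLS versions for a PCEP session, and allowing only resumption PSKs that derive from an earlier certificate-authenticated handshake rather than an external PSK), the Go program below is example code written for this page; it is not from draft-ietf-pce-pcep-yang, draft-dhody-pce-pceps-tls13, or any PCEP implementation. It assumes a hypothetical PCE hostname pce.example, a throw-away self-signed certificate generated in memory, and a single constructed application byte standing in for the first PCEP message. Go's crypto/tls offers no early-data (0-RTT) option for ordinary TCP connections, so the early-data path cannot be switched on here; with a TLS library that does expose it, the same policy would additionally require leaving it disabled.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

const pceName = "pce.example" // hypothetical PCE hostname used as SAN and SNI

// selfSignedCert makes a throw-away P-256 certificate for this example only;
// a real PCEPS deployment uses certificates issued by the operator's PKI.
func selfSignedCert() (tls.Certificate, *x509.CertPool, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: pceName},
		DNSNames:              []string{pceName},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		KeyUsage:              x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		BasicConstraintsValid: true,
		IsCA:                  true,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	leaf, _ := x509.ParseCertificate(der)
	pool := x509.NewCertPool()
	pool.AddCert(leaf)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}, pool, nil
}

// PCEServerConfig is the policy a PCE applies on its PCEPS listener: a
// certificate for authentication plus an explicit version floor and ceiling.
// No external PSK is configured, so the only PSKs that can ever appear are
// resumption PSKs issued after a certificate-authenticated handshake.
func PCEServerConfig(cert tls.Certificate, min, max uint16) *tls.Config {
	return &tls.Config{Certificates: []tls.Certificate{cert}, MinVersion: min, MaxVersion: max}
}

// PCCClientConfig is the PCC side. A non-nil cache enables resumption
// (TLS 1.3 session tickets); nil forces a full handshake every time.
func PCCClientConfig(roots *x509.CertPool, min, max uint16, cache tls.ClientSessionCache) *tls.Config {
	return &tls.Config{RootCAs: roots, ServerName: pceName, MinVersion: min, MaxVersion: max,
		ClientSessionCache: cache}
}

// Result records what one PCC-to-PCE connection negotiated.
type Result struct {
	Version uint16 // tls.VersionTLS12 or tls.VersionTLS13
	Resumed bool   // true when a resumption PSK, not a fresh certificate check, authenticated the PCE
}

// Connect runs one handshake over loopback TCP. The PCE sends one application
// byte so the PCC also consumes the post-handshake NewSessionTicket, which is
// what makes a later resumption possible.
func Connect(srv, cli *tls.Config) (Result, error) {
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		return Result{}, err
	}
	defer ln.Close()
	srvErr := make(chan error, 1)
	go func() {
		raw, err := ln.Accept()
		if err != nil {
			srvErr <- err
			return
		}
		defer raw.Close()
		raw.SetDeadline(time.Now().Add(5 * time.Second))
		c := tls.Server(raw, srv)
		if err := c.Handshake(); err != nil {
			srvErr <- err
			return
		}
		_, err = c.Write([]byte{0x20}) // constructed stand-in for the first PCEP byte
		srvErr <- err
	}()
	raw, err := net.Dial("tcp", ln.Addr().String())
	if err != nil {
		return Result{}, err
	}
	defer raw.Close() // also unblocks the server goroutine if we bail out early
	raw.SetDeadline(time.Now().Add(5 * time.Second))
	c := tls.Client(raw, cli)
	if err := c.Handshake(); err != nil {
		return Result{}, err
	}
	if _, err := c.Read(make([]byte, 1)); err != nil {
		return Result{}, err
	}
	if err := <-srvErr; err != nil {
		return Result{}, err
	}
	st := c.ConnectionState()
	return Result{Version: st.Version, Resumed: st.DidResume}, nil
}

func main() {
	cert, roots, err := selfSignedCert()
	if err != nil {
		panic(err)
	}
	srv := PCEServerConfig(cert, tls.VersionTLS12, tls.VersionTLS13)
	cache := tls.NewLRUClientSessionCache(8)
	for i := 1; i <= 2; i++ { // second connection resumes with a ticket-derived PSK
		r, err := Connect(srv, PCCClientConfig(roots, tls.VersionTLS12, tls.VersionTLS13, cache))
		fmt.Printf("connection %d: version=%#x resumed=%v err=%v\n", i, r.Version, r.Resumed, err)
	}
	_, err = Connect(PCEServerConfig(cert, tls.VersionTLS13, tls.VersionTLS13),
		PCCClientConfig(roots, tls.VersionTLS12, tls.VersionTLS12, nil))
	fmt.Println("TLS 1.2-only PCC against a TLS 1.3-only PCE:", err)
}
```

The version floor is enforced by the server config, not by trusting the peer: a PCC capped at TLS 1.2 against a PCE whose floor is TLS 1.3 gets a protocol_version alert and no session. The resumed connection in the second round is the one case where a PSK is used, and it exists only because the first round authenticated the PCE with a certificate.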

On Fri, Oct 7, 2022 at 2:25 PM tom petch <ie...@btconnect.com> wrote:

> From: Pce <pce-boun...@ietf.org> on behalf of tom petch <
> ie...@btconnect.com>
> Sent: 03 October 2022 11:02
>
> From: Pce <pce-boun...@ietf.org> on behalf of julien.meu...@orange.com <
> julien.meu...@orange.com>
> Sent: 26 September 2022 14:01
>
> Hi PCE WG,
>
> This message starts a 2-week WG Last Call for
> draft-ietf-pce-pcep-yang-19. Please review and share any feedback using
> the PCE mailing list.
> This WGLC will end on Tuesday October 11.
>
> <tp>
> There are several little problems with this I-D, which I will post in due
> course, but one big one that I think needs outside assistance and will take
> time to resolve, namely the lack of security.
>
> This imports netconf-tls groupings and the netconf I-D says basically
> security is nothing to do with us, that is up to the user of the grouping.
> It recommends TLS1.3 and says TLS1.2 is obsolete and not recommended.
>
> Trouble is, for most users TLS1.3 is not recommended because it is
> insecure because it introduces new features which are fine for web access
> and dangerous for almost all other cases (eg early data).  There are a number
> of IETF documents looking at this and nailing down all the things you must
> not do with TLS1.3 in an operational environment (which is what most of the
> IETF is about).  RFC9190 section 2 is an example of what I mean but from
> tracking the evolution of that RFC I suspect that that got watered down by
> the supporters of TLS1.3.
>
> This I-D needs the equivalent (or else a MUST NOT for TLS1.3!).  Many of
> those involved with security in the IETF will not understand the issue, how
> dangerous TLS1.3 is for anything other than web access.
>
> <tp2>
> I note the submission of draft-dhody ... TLS13.
>
> I wonder what that plan is; for pcep-yang to ban TLS1.3 and have a
> reference to this I-D? or what?
>
> I think that PSK needs more treatment.  My take is that RFC8446 bans PSK
> except when used for resumption where a session has been set up using
> certificates.  I see two documents addressing this issue, - 9257, 9258 -
> but I have yet to read them.
>
> Tom Petch
>
>
> Tom Petch
>
> Thanks,
>
> Julien
>
>
>
_______________________________________________
Pce mailing list
Pce@ietf.org
https://www.ietf.org/mailman/listinfo/pce