Hi Stephen,
On 22/10/2013 17:46, Stephen Farrell wrote:
> Yep, that's a useful post - we shouldn't rush too much,
> but we do want to get things done so that developers
> and deployers have something to use.
>
> I wonder what's the best way to proceed with this kind
> of stuff. I guess we want a BCP of some sort, but the
> question is how to handle the various different cases
> of foo-with-tls.
>
> - Yaron did a generic TLS BCP draft. [1]
> - PSA did an XMPP TLS BCP draft [2]
> - This sounds like we might want an SMTP TLS BCP draft
>   or perhaps to add text to [3], but that's aiming for
>   experimental and is just about using DANE.

I think some generic fallback rules can be protocol independent. But the
needs of different protocols might be different. For example, backward
compatibility with deployed TLS ciphers might be different for XMPP and
SMTP.

I think an SMTP TLS BCP would be a good idea. I think it should be
independent of DANE, because of the status of the DANE document. I would
be happy to work on it (and would be happy to collaborate with PSA to
discuss similarities and differences).

> So at present we're heading towards a bunch of foo-with-tls
> BCPs. Could those usefully be merged or are they better
> kept separate?
>
> Thoughts?
> S.
>
> [1] https://tools.ietf.org/html/draft-sheffer-tls-bcp
> [2] https://tools.ietf.org/html/draft-saintandre-xmpp-tls
> [3] https://tools.ietf.org/html/draft-ietf-dane-smtp-with-dane