Re: [TLS] How are we planning to deprecate TLS 1.2?

2023-03-03 Thread Viktor Dukhovni
On Fri, Mar 03, 2023 at 03:49:28PM -0800, Watson Ladd wrote:
> > 20 years is a long time. We can only reason about shorter timelines.
> > In the next ~5 years, I don't yet see a defensible reason to deprecate
> > TLS 1.2.
>
> 20 years from today we'll be dealing with products shipped out today.

Re: [TLS] How are we planning to deprecate TLS 1.2?

2023-03-03 Thread Rob Sayre
On Fri, Mar 3, 2023 at 2:54 PM Peter Gutmann wrote:
> Another thing we need a lot more time to find out is whether, like HTTP
> 1.1,
> TLS 1.3 has forked TLS. For HTTP there'll perpetually be two lines going
> forward, HTTP for web browsers and HTTP 1.1 for everything
> that
> isn't a web

Re: [TLS] How are we planning to deprecate TLS 1.2?

2023-03-03 Thread Watson Ladd
On Fri, Mar 3, 2023, 1:50 PM Viktor Dukhovni wrote:
>
> On Fri, Mar 03, 2023 at 08:17:55PM +0200, Nimrod Aviram wrote:
>
> > Specifically, we will have to decide when/if to deprecate version 1.2 of
> > TLS within, say, the next 20 years.
>
> 20 years is a long time. We can only reason about

Re: [TLS] How are we planning to deprecate TLS 1.2?

2023-03-03 Thread Peter Gutmann
Viktor Dukhovni writes:
>Yes, once TLS 1.3 is closer to 20 years old, we'll know whether TLS 1.2 can
>or should be retired, but until such time, TLS 1.2 is likely to still be with
>us (embedded in home routers, printers, refrigerators, ...).

Another thing we need a lot more time to find out is

Re: [TLS] How are we planning to deprecate TLS 1.2?

2023-03-03 Thread Rob Sayre
On Fri, Mar 3, 2023 at 11:25 AM Sean Turner wrote:
> just want to point out that, at least in the IETF, RFC 9325 [1] was
> recently published.
>

Right. A salient sentence here: "Therefore, this document replaces [RFC7525], with an explicit goal to encourage migration of most uses of TLS

Re: [TLS] How are we planning to deprecate TLS 1.2?

2023-03-03 Thread Viktor Dukhovni
On Fri, Mar 03, 2023 at 08:17:55PM +0200, Nimrod Aviram wrote:
> Specifically, we will have to decide when/if to deprecate version 1.2 of
> TLS within, say, the next 20 years.

20 years is a long time. We can only reason about shorter timelines. In the next ~5 years, I don't yet see a defensible

Re: [TLS] How are we planning to deprecate TLS 1.2?

2023-03-03 Thread Ilari Liusvaara
On Fri, Mar 03, 2023 at 09:37:48PM +0100, Bas Westerbaan wrote:
> >
> > And of course, we really
> > don't want to have to do major work on TLS 1.2, e.g. for Post-Quantum.
> >
>
> More to the point, I'd say the post-quantum transition is the
> natural moment to move from ≤1.2 to 1.3.

Agreed.

>

Re: [TLS] How are we planning to deprecate TLS 1.2?

2023-03-03 Thread Bas Westerbaan
>
> And of course, we really
> don't want to have to do major work on TLS 1.2, e.g. for Post-Quantum.
>

More to the point, I'd say the post-quantum transition is the natural moment to move from ≤1.2 to 1.3. (TLS 1.2 and earlier are vulnerable to PQ -> classical downgrades during the transition

Re: [TLS] How are we planning to deprecate TLS 1.2?

2023-03-03 Thread Sean Turner
just want to point out that, at least in the IETF, RFC 9325 [1] was recently published.

spt

[1] https://datatracker.ietf.org/doc/rfc9325/

> On Mar 3, 2023, at 13:40, Eric Rescorla wrote:
>
> Nimrod,
>
> Thanks for bringing this up. I don't think we really have had much of a
>

Re: [TLS] How are we planning to deprecate TLS 1.2?

2023-03-03 Thread Kenneth Vaughn
+1 on the idea, but I am not convinced that the proposed process is sufficient (and/or terms are not adequately clear). It seems to me that the time "for everyone to upgrade" will be dependent upon market factors related to the technology being replaced as well as with the severeness of the

Re: [TLS] How are we planning to deprecate TLS 1.2?

2023-03-03 Thread Eric Rescorla
Nimrod, Thanks for bringing this up. I don't think we really have had much of a discussion. I *do* think we should be thinking about deprecating TLS 1.2 at some point, not so much because it is bad (though of course we believe TLS 1.3 is better) but because it's better to just have one thing