Re: [TLS] TLS@IETF102 agenda

2018-07-11 Thread Martin Thomson
Given the volume of discussion on the list, I assume that the deprecated TLS 1.*<1.2 discussion is for the purpose of an announcement only. There are things on the agenda that I (personally) would prefer to see set aside for more time on that topic. For instance, we've had very little list

Re: [TLS] Fwd: New Version Notification for draft-moriarty-tls-oldversions-diediedie-00.txt

2018-07-11 Thread David Benjamin
On Mon, Jul 9, 2018 at 12:58 PM Eric Rescorla wrote: > On Mon, Jul 9, 2018 at 9:54 AM, Eric Rescorla wrote: > >> Thanks for writing this. >> >> I would be in favor of deprecating old versions of TLS prior to 1.2. >> Firefox Telemetry shows that about 1% of our connections are TLS 1.1 >> > >

Re: [TLS] TLS@IETF102 agenda

2018-07-11 Thread Sean Turner
A revised agenda has been posted. spt > On Jul 10, 2018, at 12:15, Sean Turner wrote: > > All, > > The agenda has been posted: > https://datatracker.ietf.org/meeting/102/materials/agenda-102-tls-02 > > Note that we have two sessions: > > tls Session 1 (2:00 requested) > Monday, 16 July

Re: [TLS] Fwd: New Version Notification for draft-moriarty-tls-oldversions-diediedie-00.txt

2018-07-11 Thread Kathleen Moriarty
Contributions with data are welcomed and encouraged. Thank you, Kathleen Sent from my mobile device > On Jul 10, 2018, at 10:07 AM, Peter Gutmann wrote: > > nalini elkins writes: > >> It would be nice to see some of this reflected in the draft rather than only >> statistics on browsers.

Re: [TLS] Fwd: New Version Notification for draft-moriarty-tls-oldversions-diediedie-00.txt

2018-07-11 Thread Kathleen Moriarty
Hi Nalini, I think it would be more useful to collect show stopper information. Do they have systems or applications that cannot be upgraded as there is no upgrade path? Do these systems or applications matter in terms of deprecation? It may not matter if they are isolated or there is no

Re: [TLS] [CAUTION] Re: Fwd: New Version Notification for draft-moriarty-tls-oldversions-diediedie-00.txt

2018-07-11 Thread Kathleen Moriarty
Sent from my mobile device > On Jul 10, 2018, at 4:31 PM, Martin Rex wrote: > > m...@sap.com (Martin Rex) wrote: >> Andrei Popov wrote: >>> >>> On the recent Windows versions, TLS 1.0 is negotiated more than 10% >>> of the time on the client side (this includes non-browser connections >>>

Re: [TLS] Fwd: New Version Notification for draft-moriarty-tls-oldversions-diediedie-00.txt

2018-07-11 Thread Salz, Rich
> I'm not sure that the fact that a lot of people are running downrev versions > means we shouldn't say that the IETF no longer considers that good. I totally and strongly agree. ___ TLS mailing list TLS@ietf.org

Re: [TLS] Fwd: New Version Notification for draft-moriarty-tls-oldversions-diediedie-00.txt

2018-07-11 Thread Eric Rescorla
I'd like to distinguish between two different questions: 1. Whether or not the IETF should recommend that people stop using older versions of TLS. 2. Whether or not vendors should stop accepting/supporting older versions of TLS. The former one of these is just exhorting people to stop, which

Re: [TLS] raising ceiling vs. floor (was: New Version Notification for draft-moriarty-tls-oldversions-diediedie-00.txt)

2018-07-11 Thread Hubert Kario
On Wednesday, 11 July 2018 06:57:59 CEST Peter Gutmann wrote: > Hubert Kario writes: > >defeating two hashes, when both use the Merkle-Damgård construction, is > >not much harder than breaking just one of them (increase of work factor > >less than 2) > > "In theory there is no difference

Re: [TLS] Fwd: New Version Notification for draft-moriarty-tls-oldversions-diediedie-00.txt

2018-07-11 Thread Stephen Farrell
Hiya, On 11/07/18 06:45, nalini elkins wrote: > Stephen, > >> I'd love to add more detail like that and/or more sections for other > protocols if folks have data to offer with references. > > I believe that I can reach out to various people I know. Please comment > if my methodology is