Hi Mike,
On Tue, Oct 13, 2020 at 03:59:27PM -0400, Michael D'Errico wrote:
> > Saying that it's your preference without saying why is likely
> > to have little effect, yes. (We endeavor to make decisions
> > based on technical merit, not voting, after all.) Why do you
> > want this?
>
> Hi,
>
> On Oct 13, 2020, at 14:34, Benjamin Kaduk wrote:
>
> I think we still need to check for the latest version of the SP800-52r2
> reference, too.
You are correct - the date should be August 2019:
https://github.com/tlswg/oldversions-deprecate/pull/8
spt
> Saying that it's your preference without saying why is likely
> to have little effect, yes. (We endeavor to make decisions
> based on technical merit, not voting, after all.) Why do you
> want this?
Hi,
I think the advice should be: "If your code currently
only supports TLS 1.0, please spend
Hi Mike,
On Tue, Oct 13, 2020 at 03:09:15PM -0400, Michael D'Errico wrote:
> I know that saying this will have no effect, but I'd
> rather see deprecation of just TLS 1.0 and retain
> version 1.1 as not recommended.
Saying that it's your preference without saying why is likely to have
little
I know that saying this will have no effect, but I'd
rather see deprecation of just TLS 1.0 and retain
version 1.1 as not recommended.
Also, we should not abandon RFC 7507 (downgrade
protection SCSV). What harm is there in keeping it
around? None.
Mike
Thanks, Sean, the linked pull requests seem to do the trick.
Skimming through
https://mailarchive.ietf.org/arch/msg/tls/K9_uA6m0dD_oQCw-5kAbha-Kq5M/ once
more, I think I still plan to put out a status-change document to move RFC
5469 (IDEA and DES ciphers) to Historic in parallel with the IETF LC
Ben,
Thanks for pointing out I missed a couple. Inline …
spt
> On Aug 13, 2020, at 13:54, Benjamin Kaduk wrote:
>
> Hi Kathleen,
>
> Also inline.
>
> On Wed, Aug 12, 2020 at 04:29:56PM -0400, Kathleen Moriarty wrote:
>> Hi Ben,
>>
>> Thanks for your review. Some initial responses are
Hi,
There was a reason custom DH parameters were removed.
Custom DH parameters were the source of plenty of problems.
I suggest reading:
https://blog.hboeck.de/archives/841-Diffie-Hellman-and-TLS-with-nonsense-parameters.html
https://eprint.iacr.org/2016/644