e draft and asked the chairs for its adoption.
> Since our responsible AD thinks agrees that this work is within the
charter of
> the WG, the chairs are issuing a formal call for adoption to confirm the
results
> we had at the meeting.
>
> This message starts a two weeks call for ado
On 5/12/20 10:45 AM, Keith Moore wrote:
> On 5/9/20 11:50 AM, Valery Smyslov wrote:
>
>> the chairs encourage WG members to more actively participate in the call.
>> At the meeting a lot of participants expressed a favor of adoption,
>> we ask these participants to reconfirm their position on the
On 5/9/20 11:50 AM, Valery Smyslov wrote:
the chairs encourage WG members to more actively participate in the call.
At the meeting a lot of participants expressed a favor of adoption,
we ask these participants to reconfirm their position on the list (if they
didn't do it yet).
Since we
In article <000f01d62619$91c80110$b5580330$@gmail.com> you write:
>Hi,
>
>the chairs encourage WG members to more actively participate in the call.
>At the meeting a lot of participants expressed a favor of adoption,
>we ask these participants to reconfirm their position on the list (if they
work is within the
> charter
> > of the WG, the chairs are issuing a formal call for adoption
> > to confirm the results we had at the meeting.
> >
> > This message starts a two weeks call for adoption of the
> > draft-sheffer-uta-rfc7525bis-00 draft.
> > The cal
renamed the draft and asked the chairs for its adoption.
> Since our responsible AD thinks agrees that this work is within the
charter
> of the WG, the chairs are issuing a formal call for adoption
> to confirm the results we had at the meeting.
>
> This message starts a two weeks c
> On Tue, Apr 28, 2020 at 1:41 AM tom petch wrote:
> It's worth noting that to the extent that this is a requirement, it is
> already violated by any installation which is compliant with RFC
> 7525. The auditing techniques in question depend un using static RSA
> cipher suites, but 7525
>
- Original Message -
From: Eric Rescorla e...@rtfm.com
Sent: 01/05/2020 22:45:35
On Tue, Apr 28, 2020 at 1:41 AM tom petch wrote:
One requirement that was raised in the later stages of the work on TLS 1.3
related to audit, and was raised, I think, by representatives of the finance
Keith Moore writes:
>It can be expensive to upgrade devices in some industrial applications.
For the specific TLS implementation I was referring to in that post, upgrades
have to be scheduled years in advance for each site, and for the next upgrade
round, in 2030, will probably mean replacing
On 5/3/20 3:14 PM, Eric Rescorla wrote:
I don't have much experience with SCADA TLS stacks, so I can't speak
to this, but I wasn't thinking primarily of the TLS stack itself but
just of the overall software on the device. In general, most software
has some defects and some of them will be
On Sat, May 2, 2020 at 10:26 PM Peter Gutmann
wrote:
> Eric Rescorla writes:
>
> >if you are running a piece of hardware that cannot upgrade its TLS stack
> at
> >all, you quite likely have a number of serious unpatched vulnerabilities,
> and
> >should reconsider whether it is safe to have that
Eric Rescorla writes:
>if you are running a piece of hardware that cannot upgrade its TLS stack at
>all, you quite likely have a number of serious unpatched vulnerabilities, and
>should reconsider whether it is safe to have that hardware attached to the
>Internet.
Embedded non-upgradeable SCADA
In article you write:
>On 01/05/2020 22:35, Eric Rescorla wrote:
>> On Mon, Apr 27, 2020 at 2:04 AM tom petch wrote:
>>> and I am unclear whether or not TLS 1.3 will gain widespread use in the
>>> Internet, with HTTP, SMTP and such like.
>>
>>
>> I don't know about SMTP, but TLS 1.3 has
On Fri, May 1, 2020 at 4:43 PM Keith Moore
wrote:
> On 5/1/20 6:48 PM, Eric Rescorla wrote:
>
> On Thu, Apr 30, 2020 at 7:59 PM Keith Moore
> wrote:
>
>> People do not always have the luxury of upgrading their clients and
>> servers to versions that support the recent TLS.Some legacy
On 5/1/20 6:48 PM, Eric Rescorla wrote:
On Thu, Apr 30, 2020 at 7:59 PM Keith Moore
mailto:mo...@network-heretics.com>> wrote:
People do not always have the luxury of upgrading their clients and
servers to versions that support the recent TLS. Some legacy
hardware
has
On Fri, May 1, 2020 at 10:47 AM wrote:
> > IMO RFC7525 and this new draft both suffer from dubious assumptions and
> > make poor recommendations because of those assumptions. In particular,
> > there are many cases for which using an old version of TLS is suboptimal
> > and it shouldn't be
On Thu, Apr 30, 2020 at 7:59 PM Keith Moore
wrote:
> People do not always have the luxury of upgrading their clients and
> servers to versions that support the recent TLS.Some legacy hardware
> has firmware that cannot be upgraded because no upgrades are
> available. Service providers do
On 01/05/2020 22:35, Eric Rescorla wrote:
> On Mon, Apr 27, 2020 at 2:04 AM tom petch wrote:
>> and I am unclear whether or not TLS 1.3 will gain widespread use in the
>> Internet, with HTTP, SMTP and such like.
>
>
> I don't know about SMTP, but TLS 1.3 has *already* achieved widespread use
>
On Tue, Apr 28, 2020 at 1:41 AM tom petch wrote:
> One requirement that was raised in the later stages of the work on TLS 1.3
> related to audit, and was raised, I think, by representatives of the
> finance industry; the WG rejected the requirement.
It's worth noting that to the extent that
er Saint-Andre' <
> stpe...@mozilla.com>
> Sent: 26/04/2020 10:35:30
> Subject: [Uta] Adoption call for draft-sheffer-uta-rfc7525bis-00
>
>
>
> Hi,
>
> during the last virtual in
On 4/30/20 8:59 PM, Keith Moore wrote:
> IMO RFC7525
That ship sailed in 2015.
> and this new draft both suffer from dubious assumptions and
> make poor recommendations because of those assumptions. In particular,
> there are many cases for which using an old version of TLS is suboptimal
> and
On 5/1/20 12:27 PM, Ned Freed wrote:
IMO RFC7525 and this new draft both suffer from dubious assumptions and
make poor recommendations because of those assumptions. In particular,
there are many cases for which using an old version of TLS is suboptimal
and it shouldn't be considered as secure,
IMO RFC7525 and this new draft both suffer from dubious assumptions and
make poor recommendations because of those assumptions. In particular,
there are many cases for which using an old version of TLS is suboptimal
and it shouldn't be considered as secure, but it may still be better
than
r adoption
to confirm the results we had at the meeting.
This message starts a two weeks call for adoption of the
draft-sheffer-uta-rfc7525bis-00 draft.
The call will end up 10 May 2020. Please send your opinions to the list
before this date.
Please if possible include any reasons supporting your opini
I support adoption and will review the draft.
> On Apr 27, 2020, at 11:32, Peter Saint-Andre wrote:
>
> Specific TLS 1.3 gotcha: 0-RTT – what should we say here?
At a minimum, I think we need this draft to address the point above.
spt
___
Uta
Hi,
>
> I expect that you are familiar with
> draft-camwinget-tls-ns-impact
> which looks at operational security with TLS 1.2 and identifies what is
> difficult or impossible to do with TLS 1.3. One might infer from this I-D
> that TLS 1.3 offers less security than TLS 1.2:-)
One requirement
tch
- Original Message -
From: Valery Smyslov
To:
Cc: 'Yaron Sheffer' , , 'Ralph
Holz' , 'Peter Saint-Andre'
Sent: 26/04/2020 10:35:30
Subject: [Uta] Adoption call for draft-sheffer-uta-rfc7525bis-00
Hi,
dur
In article <9c423d31-4040-ef7f-1779-240a26104...@isode.com>,
Alexey Melnikov wrote:
>I don't have any number for SMTP or IMAP, but judging from my own
>experience: our implementations upgraded to OpenSSL 1.1.1 and we got TLS
>1.3 enabled for free. I suspect many other people in the same boat.
;>, 'Peter Saint-Andre'
mailto:stpe...@mozilla.com>>
Sent: 26/04/2020 10:35:30
Subject: [Uta] Adoption call for draft-sheffer-uta-rfc7525bis-00
Hi,
during the last virtual interim meet
On 4/27/20 3:03 AM, tom petch wrote:
> What is the point of rfc7525bis? Why do we need it?
We explained much of the reasoning in the meeting last week:
https://datatracker.ietf.org/doc/slides-interim-2020-uta-01-sessa-tls-bcp-the-next-generation/
The topics we (the co-authors) plan to address
weeks call for adoption of the
draft-sheffer-uta-rfc7525bis-00 draft.
The call will end up 10 May 2020. Please send your opinions to the list
before this date.
Please if possible include any reasons supporting your opinion. If you
support this adoption,
please indicate whether you are ready
, Die, Die'
>
> Tom Petch
>
>
> - Original Message -
> From: Valery Smyslov
> To:
> Cc: 'Yaron Sheffer' , ,
> 'Ralph Holz' , 'Peter Saint-Andre' <
> stpe...@mozilla.com>
> Sent: 26/04/2020 10:35:30
> Subject: [Uta] Adoption call for draft-sheffer-uta-
at the meeting.
This message starts a two weeks call for adoption of the
draft-sheffer-uta-rfc7525bis-00 draft.
The call will end up 10 May 2020. Please send your opinions to the list
before this date.
Please if possible include any reasons supporting your opinion. If you
support this adoption
: 26/04/2020 10:35:30
Subject: [Uta] Adoption call for draft-sheffer-uta-rfc7525bis-00
Hi,
during the last virtual interim meeting the draft
draft-sheffer-uta-bcp195bis-00 was presented and the authors asked for its
On Sun, 26 Apr 2020, Valery Smyslov wrote:
The general feeling in the room was in favor of the adoption, however
the authors were asked to rename it to *-rfc7525-bis.
The authors have renamed the draft and asked the chairs for its adoption.
Hi from e-mail land. We took a look and noticed that
asked the chairs for its adoption.
> Since our responsible AD thinks agrees that this work is within the charter
> of the WG, the chairs are issuing a formal call for adoption
> to confirm the results we had at the meeting.
>
> This message starts a two weeks call for adoption o
the draft and asked the chairs for its adoption.
Since our responsible AD thinks agrees that this work is within the charter
of the WG, the chairs are issuing a formal call for adoption
to confirm the results we had at the meeting.
This message starts a two weeks call for adoption of the
draft-sheffer
37 matches
Mail list logo