On Wed, Sep 28, 2016 at 5:49 PM, Melinda Shore <melinda.sh...@nomountain.net > wrote:
> I think it's quite clearly the case that that is not going to happen. > But, that doesn't mean that these guys don't have a problem worth > addressing, even if they're asking for a crap solution to it. The > IETF is an insular organization and I tend to think that leads to > poorer outcomes in some cases than we might otherwise have produced. Their argument is the PCI council will mandate TLS 1.3 soon. This is not the case. A TLS *1.1* mandate by the PCI council has been delayed until 2018. I work for a company that directly participates in the PCI council, and have been participating in the TLS and CFRG process for several years (again, I do not directly represent either in this discussion). I do not think that TLS 1.3 in its current form will cause them any practical real-world problems for these companies, rather they seem to be attempting to futureproof their current bad practices. -- Tony Arcieri
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls