I want to see these disappear, but I am guessing that there is still some time before many products can make the move. For websites, like the ones mentioned in the draft, that time is already here. As a site operator, you do not want to talk to a browser that doesn't talk TLS 1.2.
Is there any reason why we wouldn't also consider deprecating cipher suites we don't like? For instance, RFC 5246 mandates the implementation of TLS_RSA_WITH_AES_128_CBC_SHA, which we can probably agree isn't ideal for several reasons. The ECDHE suites with AES-GCM are widely available, perhaps widely enough that we might consider a stronger move and update 5246 to modern suites. Our numbers for AES-CBC are not anywhere near as low as TLS <1.2, but they are definitely trending in the right direction. 3DES still exists too, which is a little sad, but there you are. On Tue, Jul 10, 2018 at 2:42 AM Kathleen Moriarty <kathleen.moriarty.i...@gmail.com> wrote: > > Hello, > > Stephen and I posted the draft below to see if the TLS working group > is ready to take steps to deprecate TLSv1.0 and TLSv1.1. There has > been a recent drop off in usage for web applications due to the PCI > Council recommendation to move off TLSv1.0, with a recommendation to > go to TLSv1.2 by June 30th. NIST has also been recommending TLSv1.2 > as a baseline. Applications other than those using HTTP may not have > had the same reduction in usage. If you are responsible for services > where you have a reasonable vantage point to gather and share > statistics to assess usage further, that could be helpful for the > discussion. We've received some feedback that has been incorporated > into the working draft and feelers in general have been positive. It > would be good to know if there are any show stoppers that have not > been considered. > > https://github.com/sftcd/tls-oldversions-diediedie > > Thanks in advance, > Kathleen > > > ---------- Forwarded message ---------- > From: <internet-dra...@ietf.org> > Date: Mon, Jun 18, 2018 at 3:05 PM > Subject: New Version Notification for > draft-moriarty-tls-oldversions-diediedie-00.txt > To: Stephen Farrell <stephen.farr...@cs.tcd.ie>, Kathleen Moriarty > <kathleen.moriarty.i...@gmail.com> > > > > A new version of I-D, draft-moriarty-tls-oldversions-diediedie-00.txt > has been successfully submitted by Stephen Farrell and posted to the > IETF repository. > > Name: draft-moriarty-tls-oldversions-diediedie > Revision: 00 > Title: Deprecating TLSv1.0 and TLSv1.1 > Document date: 2018-06-18 > Group: Individual Submission > Pages: 10 > URL: > https://www.ietf.org/internet-drafts/draft-moriarty-tls-oldversions-diediedie-00.txt > Status: > https://datatracker.ietf.org/doc/draft-moriarty-tls-oldversions-diediedie/ > Htmlized: > https://tools.ietf.org/html/draft-moriarty-tls-oldversions-diediedie-00 > Htmlized: > https://datatracker.ietf.org/doc/html/draft-moriarty-tls-oldversions-diediedie > > > Abstract: > This document [if approved] formally deprecates Transport Layer > Security (TLS) versions 1.0 [RFC2246] and 1.1 [RFC4346] and moves > these documents to the historic state. These versions lack support > for current and recommended cipher suites, and various government and > industry profiiles of applications using TLS now mandate avoiding > these old TLS versions. TLSv1.2 has been the recommended version for > IETF protocols since 2008, providing sufficient time to transition > away from older versions. Products having to support older versions > increase the attack surface unnecessarily and increase opportunities > for misconfigurations. Supporting these older versions also requires > additional effort for library and product maintenance. > > This document updates the backward compatibility sections of TLS RFCs > [[list TBD]] to prohibit fallback to TLSv1.0 and TLSv1.1. This > document also updates RFC 7525. > > > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > The IETF Secretariat > > > > -- > > Best regards, > Kathleen > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls