I think it's fine as it is. This use case is very specific and the impact for it is limited. So yes, I think that the delay between publishing and now will change the situation even more out of favour of TLS 1.0.
On Friday, 26 April 2019 03:30:00 CEST Viktor Dukhovni wrote: > > On Apr 12, 2019, at 7:28 PM, Christopher Wood <c...@heapingbits.net> wrote: > > > > This is the working group last call for the "Deprecating TLSv1.0 and TLSv1.1” draft available at: > > https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/ > > > > Please review the document and send your comments to the list by April 26, > > 2019. > My concern is whether the time is yet nigh for TLS 1.0 to be disabled > in opportunistic TLS in SMTP, or whether TLS 1.0 remains sufficiently > common to cause deprecation to do more harm than good via unnecessary > downgrades to cleartext. > > I don't have survey numbers for SMTP TLS protocol versions across MTAs > generally to shed light on this, perhaps someone does. What I do have > is numbers for those MTAs (not a representative sample) that have DANE > TLSA records (so presumably a greater focus on security). > > The observed version frequencies are approximately: > > TLS 1.0: 1% > TLS 1.1: 0% > TLS 1.2: 87% > TLS 1.3: 12% > > essentially regardless of whether I deduplicate by name, IP or name and IP. > The respective sample sizes are 5435, 6938 and 7959. > > So if a DANE-enabled sender were to disable TLS 1.0 today, approximately > 1% of the destination MX hosts would be broken and need remediation. These > handle just of 189 mostly small SOHO domains out of the ~1.1 million total > DANE SMTP domains, but four handle enough email to show up on the Gmail > SMTP transparency report: > > tu-darmstadt.de > t-2.net > t-2.com > t-2.si > > So on the whole, the draft should proceed, but some caution may be > appropriate outside the browser space, before operators start switching off > TLS 1.0 support. > > I don't see an operational considerations section. Nor much discussion of > "less mainstream" (than Web browser) TLS application protocols. Would a few > words of caution be appropriate, or is it expected that by the time the RFC > starts to change operator behaviour the "market share" of TLS 1.0 will be > substantially lower than I see today even with SMTP, XMPP, NTTP and the > like. > > [ I would speculate that TLS 1.0's share is noticeably higher among MTAs > generally than among the bleeding-edge MTAs that have published DANE TLSA > RRs. ] -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
