On Thu, May 2, 2019 at 7:51 PM Martin Thomson <[email protected]> wrote:
> Thanks Kathleen, these look like good changes. > > Nits in the proposed BCP195 section: Lose the "p" in mpost and s/off of/on/ > Thank you, Martin! > > On Fri, May 3, 2019, at 01:12, Kathleen Moriarty wrote: > > Thank you for your feedback in this review. Responses inline as to how > > I propose it is addressed: > > > > On Sat, Apr 13, 2019 at 12:16 AM Martin Thomson <[email protected]> > wrote: > > > Section 1.1 doesn't say *how* those listed documents are updated. > Might pay to include a few works on how. > > > > Thank you, that was helpful feedback. I changed the introduction text > > as follows: > > OLD: > > This document updates these RFCs that normatively reference TLSv1.0 or > > TLSv1.1 or DTLS1.0 and have not been obsoleted. > > NEW: > > This document updates the following RFCs that normatively reference > > TLSv1.0 or TLSv1.1 or DTLS1.0. The update is to obsolete usage of these > > older versions. Fallback to these versions are prohibited through this > > update. > > > > > Section 2 can be cut down a lot. The quote from another document is > longer than the rest of the text. In many ways, saying that the IETF is > moving last is not a great thing to memorialize in RFC, as much as it is > useful in an Internet-Draft or in argumentation in support of publication > of the doc. > > > > A bunch has been cut out already, but I propose also cutting out the > > following text to address your specific point (well taken): > > 1st paragraph and last 2. > > > > REMOVE: > > Industry has actively followed guidance provided by NIST and the PCI > > Council to deprecate TLSv1.0 and TLSv1.1 by June 30, 2018. TLSv1.2 > > should remain a minimum baseline for TLS support at this time. > > > > The Canadian government treasury board have also mandated that these > > old versions of TLS not be used. > > > > Various companies and web sites have announced plans to deprecate > > these old versions of TLS. > > > > > > > The title of Section 3 could be a bit clearer. > > Proposed: > > SHA-1 Usage Problematic in TLSv1.0 and TLSv1.1 > > > > If you have a more terse suggestion, please post. I agree this should > > be more clear. > > > > > > It might pay to explain what RFC 7525 is in Section 6. Why does that > document warrant special attention over the 70-odd other ones. > > > > Good point, how about the following text: > > > > PROPOSED: > > RFC7525 is BCP195, "Recommendations for Secure Use of Transport Layer > > Security (TLS) and Datagram Transport Layer Security (DTLS)", is the > > mpost recent best practice document for implementing TLS and was based > > off of TLSv1.2. At the time of publication, TLSv1.0 and TLSv1.1 had not > > yet been deprecated. As such, this document is called out specifically > > to update text implementing the deprecation recommendations of this > > document. > > > > > > > > Otherwise, publish this. > > > > Thank you! > > > > I'll continue through the rest of the messages, but may have a delay > > when tending to other responsibilities. > > I am putting the proposals into a new version to upload to the git > > repository. > > > > Best regards, > > Kathleen > > > > > > > > > > > > > > On Sat, Apr 13, 2019, at 09:28, Christopher Wood wrote: > > > > This is the working group last call for the "Deprecating TLSv1.0 > and > > > > TLSv1.1” draft available at: > > > > > > > > > https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/ > > > > > > > > Please review the document and send your comments to the list by > April 26, 2019. > > > > > > > > Thanks, > > > > Chris, Joe, and Sean > > > > > > > > _______________________________________________ > > > > TLS mailing list > > > > [email protected] > > > > https://www.ietf.org/mailman/listinfo/tls > > > > > > > > > > _______________________________________________ > > > TLS mailing list > > > [email protected] > > > https://www.ietf.org/mailman/listinfo/tls > > > > > > -- > > > > Best regards, > > Kathleen > -- Best regards, Kathleen
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
