On Wednesday, 24 July 2019 05:17:37 CEST Ackermann, Michael wrote: > This should not be dismissed as small segments of industries. This > represents ubiquitous use cases at all large organizations in Insurance, > Health Care, Banking, Automotive and many others.
Not "all" and not "ubiquitous", the word you're looking for is "some". As it was pointed out many times already on this mailing list. > We as the IETF should > not lightly dismiss such significant numbers and volume, even (or > especially), if the answers are not easy ones. Also, the people that are pushing against the IETF consens should not lightly dismiss it, even (or especially), if the answers are not the ones that they would like to hear. > From: TLS <tls-boun...@ietf.org> On Behalf Of Watson Ladd > Sent: Tuesday, July 23, 2019 6:58 PM > To: Filippo Valsorda <fili...@ml.filippo.io> > Cc: TLS List <tls@ietf.org> > Subject: Re: [TLS] TLS Impact on Network Security draft updated > > ALERT This email was sent from a source external to BCBSM/BCN. > DO NOT CLICK links or attachments unless you recognize the sender and trust > the content. > > On Tue, Jul 23, 2019, 3:47 PM Filippo Valsorda > <fili...@ml.filippo.io<mailto:fili...@ml.filippo.io>> wrote: > Before any > technical or wording feedback, I am confused as to the nature of this > document. It does not seem to specify any protocol change or mechanism, and > it does not even focus on solutions to move the web further. > Instead, it looks like a well edited blog post, presenting the perspective > of one segment of the industry. (The perspective seems to also lack > consensus, but I believe even that is secondary.) Note how as of > draft-camwinget-tls-use-cases-05 there are no IANA considerations, no > security considerations, and no occurrences of any of the BCP 14 key words > (MUST, SHOULD, etc.). > Is there precedent for publishing such a document as an RFC? > > I was going to say RFC 691 but no, it recommends changes to the protocol (as > well as being quite amusing). RFC 4074 comes close describing bad behavior > without an explicit plea to stop doing it, but has a security > considerations section. RFC 7021 describes the impact of a particular > networking technique on applications. > So there is precedent. > > Sincerely, > Watson > > > The information contained in this communication is highly confidential and > is intended solely for the use of the individual(s) to whom this > communication is directed. If you are not the intended recipient, you are > hereby notified that any viewing, copying, disclosure or distribution of > this information is prohibited. Please notify the sender, by electronic > mail or telephone, of any unintended receipt and delete the original > message without making any copies. > > Blue Cross Blue Shield of Michigan and Blue Care Network of Michigan are > nonprofit corporations and independent licensees of the Blue Cross and Blue > Shield Association. -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
