Hiya,
On 19/01/2021 11:05, Rob Wilton (rwilton) wrote:
-----Original Message----- From: iesg <[email protected]> On Behalf Of Stephen Farrell Sent: 12 January 2021 21:35 To: Rob Wilton (rwilton) <[email protected]>; The IESG <[email protected]> Cc: [email protected]; [email protected]; [email protected] Subject: Re: [TLS] Robert Wilton's No Objection on draft-ietf-tls- oldversions-deprecate-11: (with COMMENT) Hiya, On 12/01/2021 18:14, Robert Wilton via Datatracker wrote:Robert Wilton has entered the following ballot position for draft-ietf-tls-oldversions-deprecate-11: No ObjectionWhen responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.htmlfor more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be foundhere: https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/
----------------------------------------------------------------------
COMMENT: ----------------------------------------------------------------------
Thank you for purging the old versions of TLS.
Thanks for trudging through it! :-)There is one sentence in the abstract that I found surprising (if it isright).The abstract states: "TLSv1.2 has been the recommended version for IETF protocols since 2008, providing sufficient time to transition away from older versions." Should this be "minimum recommended version"? Otherwise, I don'tunderstandwhy the recommended version of TLS is 1.2 rather than 1.3 (given thatthe TLS1.2 RFC is marked as obsolete).I see what you mean. I guess s/has been/became/ would do it? The point isn't so much what the current recommended version is/was but more that it's been a dozen years since it was TLSv1.1.[RW] Yes, s/has been/became/ helps, but I still think that it implies that TLV 1.2 is the current recommended version of TLS. Perhaps something along the lines of: TLSv1.2 became the recommended version for IETF protocols in 2008 (now obsoleted by TLSv1.3 in 2018), providing sufficient time to transition away from older versions."
Sure. I did more or less that in the repo - [1] with diff vs. -11 at [2] Cheers, S.[1] https://github.com/tlswg/oldversions-deprecate/blob/master/draft-ietf-tls-oldversions-deprecate.txt [2] https://tools.ietf.org/rfcdiff?url1=draft-ietf-tls-oldversions-deprecate-11.txt&url2=https://raw.githubusercontent.com/tlswg/oldversions-deprecate/master/draft-ietf-tls-oldversions-deprecate.txt
Regards, RobCheers, S._______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
OpenPGP_0x5AB2FAF17B172BEA.asc
Description: application/pgp-keys
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
