> On Jul 30, 2021, at 05:08, Hannes Tschofenig <hannes.tschofe...@arm.com> > wrote: > > I have no problem with the suggestion. > > A few other observations: > > 1. FWIW: The reference to [Wang] is incomplete.
The same ref was used in RFC 6194, but we could also use: https://www.iacr.org/archive/crypto2005/36210017/36210017.pdf > 2. The references to the other papers use the websites of the authors or > project websites. I would use more stable references. We can replace: http://shattered.io/static/shattered.pdf with https://eprint.iacr.org/2017/190 and (is the INRIA site better?) ttps://www.mitls.org/downloads/transcript-collisions.pdf with https://hal.inria.fr/hal-01244855/document > 3. Kathleen's affiliation is also outdated. Ah I thought we fixed that. Anyway we’ll change it to: CIS > 4. Is the update to RFC 7525 relevant given that there is an update of RFC > 7525 in progress (see > https://datatracker.ietf.org/doc/html/draft-ietf-uta-rfc7525bis-01) and even > near completion? I do not have a problem moving the text. I might also solve the can a standard update a BCP question. What do people think? > 5. The title of the draft gives the impression that this update only refers > to TLS 1.2 but later in the draft DTLS is also included via the reference to > RFC 7525. Should the title be changed to "Deprecating MD5 and SHA-1 signature > hashes in TLS/DTLS 1.2"? We could do (D)TLS 1/2 too. > Ciao > Hannes > > -----Original Message----- > From: Iot-directorate <iot-directorate-boun...@ietf.org> On Behalf Of Russ > Housley > Sent: Wednesday, July 28, 2021 10:34 PM > To: Sean Turner <s...@sn3rd.com>; IETF TLS <tls@ietf.org> > Cc: iot-director...@ietf.org; draft-ietf-tls-md5-sha1-deprecate....@ietf.org; > last-c...@ietf.org > Subject: Re: [Iot-directorate] [TLS] [Last-Call] Iotdir last call review of > draft-ietf-tls-md5-sha1-deprecate-04 > >> In Section 7.1.4.1: the following text is removed: > > If the client supports only the default hash and signature algorithms > (listed in this section), it MAY omit the signature_algorithms > extension. > >> Since it’s a MAY, I am a-okay with deleting. Anybody else see harm? > > I don't see any harm. > > Russ > > -- > Iot-directorate mailing list > iot-director...@ietf.org > https://www.ietf.org/mailman/listinfo/iot-directorate > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
