Hi Sean,

I hope the answer of Hannes counts as "significant justification".

Most of the discussion and arguments are about TLS 1.2 and 1.3.

Just to be clear:
RRC will only apply to DTLS, 1.2 and 1.3. There is no usage for TLS.
And for RRC, Hannes and Thomas want to use the "Flags Extension".

I'm not sure how fast DTLS 1.2 deployments will be moved to DTLS 1.3.
But I'm pretty sure that DTLS 1.2 with Connection ID will make many
NB-IoT solutions possible, and RRC will help to defend that against
attacks.

best regards
Achim Kraus
Eclipse/Californium
(Currently DTLS 1.2 only ;-) )

On 04.11.21 at 14:27, Sean Turner wrote:
Hannes,

Sorry I forgot to answer this, but John pretty much answered it for me. The 
prevailing notion that the WG has been under is that extensions defined are for 
TLS 1.3. We put the following in the charter to make that clear:

    Changes or additions to older versions of (D)TLS whether
    via extensions or ciphersuites are discouraged and require
    significant justification to be taken on as work items.

So ... do you have a significant justification?

Cheers,
spt

On Nov 4, 2021, at 09:11, John Mattsson 
<john.mattsson=40ericsson....@dmarc.ietf.org> wrote:

TLS 1.2 has been obsolete for over three years. Oxford dictionary defines obsolete as 
"no longer produced or used; out of date." NIST requires support of TLS 1.3 
everywhere no later than Jan 2024, which at least in theory means no negotiation of TLS 
1.2.

I think IETF, TLS WG, and TLS libraries should spend their time on TLS 1.3 
rather than giving the false idea it is ok to stay on TLS 1.2.

John

From: TLS <tls-boun...@ietf.org> on behalf of Hannes Tschofenig 
<hannes.tschofe...@arm.com>
Date: Monday, 25 October 2021 at 19:12
To: IETF TLS <tls@ietf.org>
Subject: [TLS] Flags Extension: why only for TLS 1.3?

Hi all,

why is the flags extension only defined for TLS 1.3?

There is nothing in this extension that prevents us from using it also in TLS 
1.2.

Could we make it also available to TLS 1.2?

Ciao
Hannes

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
