On 11/16/21 8:42 AM, Hanno Böck wrote:
> On Tue, 16 Nov 2021 08:36:31 -0700
> Peter Saint-Andre <[email protected]> wrote:
>
>> By our reading, it doesn't make any difference to a TLS 1.2
>> implementation whether it sends or receives the "supported_versions"
>> extension. Corrections welcome, of course! If this is the case, we'd
>> prefer not to recommend that TLS 1.2 implementations specifically add
>> support for this extension, since upgrading to TLS 1.3 is best anyway.
>
> I have a question about this question:
> I think it's generally agreed that TLS 1.3 provides much better
> security than TLS 1.2 (that was ultimately why it's been created).
>
> Why would you even write a recommendation for what people should do
> with TLS 1.2-only implementations? (I understand this is merely
> relevant for implementations not supporting TLS 1.3 at all.) Shouldn't
> the recommendation be: "Don't. Please support TLS 1.3." ?

Well, draft-ietf-uta-rfc7525bis, and RFC 7525 before it, is geared toward operators. Although in the bis document we do recommend 1.3 over 1.2 (and follow RFC 8996 in completely deprecating 1.0 and 1.1), we also provide recommendations for how to support 1.2 most safely before upgrading to 1.3. See the Internet-Draft for details and if you have feedback on our recommendations, please do post to the [email protected] list.

Peter

_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
