On 02/11/2025 12:42, Joseph Salowey wrote:
Hi Mohamed and Gorry,
The author has responded to your comments, I'd like to see if we can
wrap up discusses on this draft this week. Would you be available for
a quick chat?
Thanks,
Joe
Thanks Joe,
I see these changes address the issue behind my DISCUSS, I plan to clear
this as soon as a new revision is made. Feel free to get back if I fail
to do this.
Best wishes,
Gorry
---------- Forwarded message ---------
From: *Nimrod Aviram* <[email protected]>
Date: Mon, Sep 29, 2025 at 5:49 AM
Subject: draft-ietf-tls-deprecate-obsolete-kex - Response to IESG
Evaluation
To: <[email protected]>
Cc: <[email protected]>, TLS Chairs
<[email protected]>, <[email protected]> <[email protected]>, Joseph Salowey
<[email protected]>
Dear IESG Members,
Thank you so much for taking the time to review the document, and help
make it clearer!
We’ve addressed your points in this PR:
https://github.com/tlswg/draft-deprecate-obsolete-kex/pull/26/files#top
Best wishes, and thanks again,
Joe and Nimrod
===================
Gorry:
Discuss 1: Thanks for the feedback! We’ve added specific language:
https://github.com/tlswg/draft-deprecate-obsolete-kex/pull/26/files#diff-bfcdc92dcfe1f2013251d0cecbae501ff67f6bb37a87888fad18cc0daf527983R170
Discuss 2: Thanks again for the catch! We’ve added text here:
https://github.com/tlswg/draft-deprecate-obsolete-kex/pull/26/files#diff-bfcdc92dcfe1f2013251d0cecbae501ff67f6bb37a87888fad18cc0daf527983R242
Sections 3 and 4 already provide normative language to describe the
action to be taken as a result of the deprecation. If you think there
are more places where we should add similar text, we’re happy to do so.
Discuss 3: Thanks yet again! The PR adds a reference to the section in
RFC 9325 affected by this document.
https://github.com/tlswg/draft-deprecate-obsolete-kex/pull/26/files#diff-bfcdc92dcfe1f2013251d0cecbae501ff67f6bb37a87888fad18cc0daf527983R540
Comment: Thanks! We’ve made the requested change.
Mohamed:
Update a BCP: We believe the document is more broad than merely
updating RFC 9325. It provides the technical background as to why the
changes are necessary, and updates the IANA registry. Once this document
is published perhaps it could be added to the BCP.
“[RFC9325] contains the latest IETF recommendations” won’t age well.
However, “[BCP195] contains the latest IETF recommendations” is likely
to be valid independent of future revisions of RFC9325.) -- Thanks! We
changed it accordingly.
Appendix B. ECDH Cipher Suites Whose Use Is Discouraged by This Document
These are already marked as “N” in the registry. What concrete changes
will be captured in the registry? Please clarify.
The document moves them to “Recommended: D”, to align with RFC8447bis.
We’ve added language accordingly, thanks!
The PR also addresses the points listed below - thank you all again
for taking the time to review and point everything out!
Please indicate where to find the registry
DH Cipher Suites Deprecated by This Document: can we please be
explicit that we are asking for “recommended” to be set to “D” for
these entries?