Hi Leif,
Unauthenticated TLS is clearly an important use case of TLS, in the
world outside of HTTPS. So I think we have to say *something* about it.
What I propose is a short section that:
- Defines what we are talking about, including references to relevant
drafts.
- Says that the BCP applies to these use cases.
Future UTA draft(s) will define the different variants of OE in more
depth, will give technical recommendations on how to implement them, and
will possibly describe exception cases where the current BCP does *not*
apply.
Does this work for you?
Thanks,
Yaron
On 10/09/2014 10:59 PM, Leif Johansson wrote:
Rather, for the current draft, the decision is it seems whether to
describe which recommendations don't apply to opportunistic TLS,
or whether to simply leave opportunistic TLS out of scope, and
therefore take care to not claim applicability to MTA-to-MTA SMTP,
Server-to-Server XMPP, etc.
I agree.
I propose that unless there are *conflicts* between OE and with what
is currently in the BCP we should leave the BCP as is.
This thread clearly demonstrates that there is enough material for an
OE TLS draft and/or more protocol specific OE TLS SMTP/XMPP and folks
should go off and write it (or them).
Cheers Leif
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
