There is an ongoing discussion in CDNi on how to define a TLS profile for all the CDNi interfaces. The suggestion from the CDNi chair is:
“The general TLS usage guidance in [I-D.ietf-uta-tls-bcp] SHOULD be followed.” I have commented that the aim of the TLS BCP is “improving the security of deployed services” and that it alone is unnecessarily weak for a new standard. I suggested: “The general TLS usage guidance in [I-D.draft-ietf-httpbis-http2, Section 9.2] MUST be followed.” I think “How to define a TLS profile for a new standard?” is a question that many other groups will have in the future. Guidance from UTA would be good. Cheers, John _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
