Hi all,
this message starts a Working Group Last Call for draft-ietf-uta-rfc7525bis-04:
https://datatracker.ietf.org/doc/draft-ietf-uta-rfc7525bis/
The WGLC will last for two weeks and will end on December the 21st.
Please send your comments to the list before this date.
Great job!
I have only one minor remark, about the wording difference between:
   *  Implementations MUST support TLS 1.2 [RFC5246] and MUST prefer to
      negotiate TLS version 1.2 over earlier versions of TLS.
   *  Implementations SHOULD support TLS 1.3 [RFC8446] and if
      implemented, MUST prefer to negotiate TLS 1.3 over earlier
      versions of TLS.
and:
   *  Implementations MUST support and (unless a higher version is
      available) MUST prefer to negotiate DTLS version 1.2 [RFC6347]
   *  Implementations SHOULD support and, if available, MUST prefer to
      negotiate DTLS version 1.3 as specified in [I-D.ietf-tls-dtls13].
I think both could be homogenized (like the "unless a higher version is
available" part, or "over earlier versions of (D)TLS").
Unless there is a subtlety, and if that is the case, it should be
emphasized more.
Note that I-D.ietf-tls-dtls13 is RFC 9147 (though still in AUTH48).
Also:
NOTE: This recommendation has been changed from SHOULD NOT to MUST
NOT on the assumption that [I-D.ietf-tls-oldversions-deprecate]
will be published as an RFC before this document.
=> Now published as RFC 8996. This paragraph can be removed.
More explanation about the deprecation of TLS 1.1 could be given (as is
done for TLS 1.0). Currently, there's only:
Rationale: TLS 1.1 (published in 2006) is a security improvement
over TLS 1.0 but still does not support certain stronger cipher
suites.
I suggest adding what is present in the introduction of RFC 8996: TLS
1.1 "lacks support for current recommended cipher suites, especially
authenticated encryption with associated data (AEAD) ciphers".
Happy feasts of end of year,
--
Julien ÉLIE
"He was drinking in my every word, and as I was talking a lot, at one
point I saw him staggering…" (Raymond Devos)