Re: [TLS] Last Call: (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

2020-11-28 Thread Eliot Lear
Hi there IESG I support the intent of this document, and I think the approach to update the various documents listed is the right one. Because of the breadth of documents updated, I wonder if at least some implementation guidance is warranted, in order to assist developers and even perhaps adm

Re: [TLS] Last Call: (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

2020-11-28 Thread Stephen Farrell
Hiya, On 28/11/2020 04:39, Gary Gapinski wrote: Looking at https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-09 §2: * §2 ¶5 has «TLS 1.3, specified in TLSv1.3 [RFC8446]…». * §2 ¶4 has «TLSv1.2, specified

Re: [TLS] Last Call: (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

2020-11-28 Thread Stephen Farrell
Hi Keith, In general I agree with Ekr's position on this (not a surprise as a co-author I guess:-) so I won't repeat arguments. I do have one question below though that wasn't yet touched upon... On 28/11/2020 00:44, Keith Moore wrote: While I agree that TLSv1.0 and TLSv1.1 should be avoided as

Re: [TLS] Last Call: (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

2020-11-28 Thread Stephen Farrell
Hi Eliot, On 28/11/2020 10:45, Eliot Lear wrote: Hi there IESG I support the intent of this document, and I think the approach to update the various documents listed is the right one. Cool. Because of the breadth of documents updated, I wonder if at least some implementation guidance is wa

Re: [TLS] [Last-Call] Last Call: (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

2020-11-28 Thread Nick Lamb
On Fri, 27 Nov 2020 23:43:42 -0500 Keith Moore wrote: > I'm aware of that.  But what really is the point of a cert > (especially one issued by a public CA) that has an RFC1918 address as > its subject? Not that it matters that much because the vast majority > of sites using embedded systems aren'

[TLS] Weekly github digest (TLS Working Group Drafts)

2020-11-28 Thread Repository Activity Summary Bot
Issues -- * tlswg/draft-ietf-tls-esni (+1/-0/💬2) 1 issues created: - Potential SNI leak via cross-ECH resumption (by kjacobs-moz) https://github.com/tlswg/draft-ietf-tls-esni/issues/369 2 issues received 2 new comments: - #369 Potential SNI leak via cross-ECH resumption (1 by davi