[Uta] Re: [Iotops] Re: [Last-Call] Concern about draft-ietf-uta-require-tls13-10 with IoT protocols

2025-04-10 Thread mohamed . boucadair
Hi Jared, I suspect there is a disconnect here. The guidance is not about random protocols, please check https://richsalz.github.io/draft-use-tls13/draft-ietf-uta-require-tls13.html which I think has the correct words. Cheers, Med > -Original Message- > From: Jared Mauch > Sent:

[Uta] Re: [Last-Call] Re: Concern about draft-ietf-uta-require-tls13-10 with IoT protocols

2025-04-10 Thread Toerless Eckert
Thanks, Med. I did understand your reply and appreciate it, I just felt that I'd also raise my concerns against the IMHO inappropriate, too-broad requirements raised by the ULA draft, whether or not they would ultimately apply to our anima draft or not (e.g.: wrt to "entirely new" for example).

[Uta] Re: [Iotops] [Last-Call] Re: Concern about draft-ietf-uta-require-tls13-10 with IoT protocols

2025-04-10 Thread Salz, Rich
I'm told (by an AD) that uta-require-tls13 is supposed to apply to all ends of a new protocol. Shrug. Anyway, it's much easier to make an RFC a performance specification (a trade term about RFPs) when the document doesn't depend upon some parties just ignoring the MUSTs. It would be

[Uta] Re: [Iotops] [Last-Call] Re: Concern about draft-ietf-uta-require-tls13-10 with IoT protocols

2025-04-10 Thread Michael Richardson
Salz, Rich wrote: > You are not counting a non-updated deployed base (which surprises me, > given your IOT involvement) and people who will not do the RFC. I'm told (by an AD) that uta-require-tls13 is supposed to apply to all ends of a new protocol. >> An implementation which supp

[Uta] Re: [Last-Call] Concern about draft-ietf-uta-require-tls13-10 with IoT protocols

2025-04-10 Thread Jared Mauch
On Thu, Apr 10, 2025 at 03:07:53PM -0400, Alan DeKok wrote: > (trimming things a bit) > > > On Apr 10, 2025, at 2:41 PM, Jared Mauch wrote: > > > > On Tue, Apr 08, 2025 at 11:23:44AM -0700, Eric Rescorla wrote: > >> As Alan observes, we are talking about levies on new protocols, not > >> e

[Uta] Re: [Last-Call] Concern about draft-ietf-uta-require-tls13-10 with IoT protocols

2025-04-10 Thread Eric Rescorla
On Thu, Apr 10, 2025 at 11:59 AM Eric Rescorla wrote: > > > On Thu, Apr 10, 2025 at 11:41 AM Jared Mauch > wrote: > >> On Tue, Apr 08, 2025 at 06:05:22PM +0200, Toerless Eckert wrote: >> > Dear IESG, *: >> > >> > We received IESG review for draft-ietf-anima-brski-prm that was asking >> to >> > m

[Uta] Re: [Last-Call] Concern about draft-ietf-uta-require-tls13-10 with IoT protocols

2025-04-10 Thread Alan DeKok
(trimming things a bit) > On Apr 10, 2025, at 2:41 PM, Jared Mauch wrote: > > On Tue, Apr 08, 2025 at 11:23:44AM -0700, Eric Rescorla wrote: >> As Alan observes, we are talking about levies on new protocols, not >> existing protocols. These should be deployed with TLS 1.3 for the reasons >

[Uta] Re: [Last-Call] Concern about draft-ietf-uta-require-tls13-10 with IoT protocols

2025-04-10 Thread Eric Rescorla
On Thu, Apr 10, 2025 at 11:41 AM Jared Mauch wrote: > On Tue, Apr 08, 2025 at 06:05:22PM +0200, Toerless Eckert wrote: > > Dear IESG, *: > > > > We received IESG review for draft-ietf-anima-brski-prm that was asking to > > make the use of TLS 1.3 mandatory based on the expectation that > draft-ie

[Uta] Re: [Last-Call] Re: Concern about draft-ietf-uta-require-tls13-10 with IoT protocols

2025-04-10 Thread Jared Mauch
On Tue, Apr 08, 2025 at 11:23:44AM -0700, Eric Rescorla wrote: >As Alan observes, we are talking about levies on new protocols, not >existing protocols. These should be deployed with TLS 1.3 for the reasons >indicated in this draft. I'm sorry, that just isn't the case no matter

[Uta] Re: [Last-Call] Concern about draft-ietf-uta-require-tls13-10 with IoT protocols

2025-04-10 Thread Jared Mauch
On Tue, Apr 08, 2025 at 06:05:22PM +0200, Toerless Eckert wrote: > Dear IESG, *: > > We received IESG review for draft-ietf-anima-brski-prm that was asking to > make the use of TLS 1.3 mandatory based on the expectation that > draft-ietf-uta-require-tls13 > would become RFC - unless we provide su

[Uta] Re: [Last-Call] Re: Concern about draft-ietf-uta-require-tls13-10 with IoT protocols

2025-04-10 Thread Eric Rescorla
> On Wed, Apr 09, 2025 at 07:51:59PM -0700, Eric Rescorla wrote: > > Perhaps not, but that's not what I am saying. Rather, the point I am > > making is that your proposed text limiting this to *browsers* is far too narrow and the > > original text that says TLS 1.3 is widely deployed is in fact co

[Uta] Re: [Last-Call] Re: Concern about draft-ietf-uta-require-tls13-10 with IoT protocols

2025-04-10 Thread Salz, Rich
BTW: A MUST with an otherwise clause, is to me, a SHOULD. It is not an otherwise clause. It is a MUST and you MAY also do this. (Also, what's a non-default option. Either it can be negotiated, so it's on by default, or it won't be negotiated, so it's really off.) Don’t think protocol,

[Uta] Re: [Last-Call] Re: Concern about draft-ietf-uta-require-tls13-10 with IoT protocols

2025-04-10 Thread Michael Richardson
Salz, Rich wrote: mcr> But, MUST do TLS 1.3 implies (to me), do *NOT* (refuse to) do TLS 1.2. mcr> The only way to allow (MAY) TLS 1.2, is for TLS 1.3 to be SHOULD. > People who believe that have not read the draft, or forgotten > something. It’s pretty clear, appearing in the v

[Uta] Re: [Lake] Re: WGLC for draft-ietf-uta-tls13-iot-profile-13

2025-04-10 Thread Michael Richardson
Renzo Navas wrote: > Dear UTA, ACE, and LAKE (chair hat off) WGs, > I am the Shepherd of the document draft-ietf-uta-tls13-iot-profile-13 [1] > (TLS/DTLS 1.3 Profiles for the Internet of Things). > Currently in UTA WG Last call ending 14 April 2025 (not much time...). > I u

[Uta] Re: WGLC for draft-ietf-uta-tls13-iot-profile-13

2025-04-10 Thread Renzo Navas
Dear UTA, ACE, and LAKE (chair hat off) WGs, I am the Shepherd of the document draft-ietf-uta-tls13-iot-profile-13 [1] (TLS/DTLS 1.3 Profiles for the Internet of Things). Currently in UTA WG Last call ending 14 April 2025 (not much time...). I urge principally the UTA people, but also ACE or LAK