Thanks, Gary and others for the helpful feedback and support! I like Stephen can look at integrating the suggestions this weekend/early next week. Please do keep the comments coming.
Best regards, Kathleen On Wed, Apr 24, 2019 at 9:51 AM Gary Gapinski <gary= 40garygapinski....@dmarc.ietf.org> wrote: > On 4/12/19 7:28 PM, Christopher Wood wrote: > > This is the working group last call for the "Deprecating TLSv1.0 and TLSv1.1” > draft available at: > > https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/ > > Please review the document and send your comments to the list by April 26, > 2019. > > I think the document should be published. > > I agree with Martin Thomson's observation that the SP 800-52r2 quotes in > Section 2 are a bit prolix considering the relatively small content that > would remain if excised, and that NIST document has been in draft for a > prolonged time (reducing its authority). The quotes imply but do not demand > disuse of TLS 1.0 and TLS 1.1, and could inadvertently be interpreted to > mean that use of TLS 1.2 rather than TLS 1.3 is sinful. > > An additional (congenial) informative reference could be BSI TR-02102-2 > found at > > > https://www.bsi.bund.de/EN/Publications/TechnicalGuidelines/tr02102/index_htm.html > > which in §3.2 states "TLS 1.0 and TLS 1.1 are *not recommended*". > > Regards, > > Gary > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > -- Best regards, Kathleen
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
