Hello Martin,

On Tue, Apr 30, 2019 at 7:50 PM Martin Rex <m...@sap.com> wrote:

> Martin Thomson <m...@lowentropy.net> wrote:
> > On Sat, Apr 27, 2019, at 07:29, Viktor Dukhovni wrote:
> >> The sound-bite version is: first raise the ceiling, *then* the floor.
> >
> > Yep. We've done the ceiling bit twice now.
> > Once in 2008 when we published TLS 1.2 and then in 2018
> > with the publication of TLS 1.3. I'd say we're overdue for the floor bit.
>
> Just that this rationale is a blatant lie.
>
> It is formally provable that from the three protocol versions:
>
>   TLSv1.0, TLSv1.1, TLSv1.2
>
> the weakest one is TLSv1.2, because of the royally stupid downgrade
> in the strength of digitally signed.
>
> Disabling TLSv1.0 will only result in lots of interop failures
> and pain, but no improvement in security.
>

I believe this is the last outstanding comment, pending a reference. Thank
you for your review and contribution.

Best regards,
Kathleen

>
> -Martin
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>

--
Best regards,
Kathleen