I do not think you have consensus for that change to WebRTC - it was discussed extensively. I would just leave things as they are.
> On Oct 2, 2019, at 8:45 AM, John Mattsson > <john.mattsson=40ericsson....@dmarc.ietf.org> wrote: > > Hi, > > Sean Turner wrote: >> "You can change the text, but I do not believe it will change the >> implementations." > > I would much rather have a future proof RFC that forbids negotiation of DTLS > 1.0 with the knowledge that some implementations will temporary violate that, > than having an RFC that long time in the future allows negotiation and use of > DTLS 1.0. > > > Eric Rescorla wrote: >> "result of some pretty extensive discussion and compromising in rtcweb" > > That does not surprise me, but I think that is part of the problem. These > things should mainly be decided by the TLS working group. > Draft-ietf-rtcweb-security-arch mandated DTLS 1.0 until Nov 2018. That is > half a year after the "Deprecating TLSv1.0 and TLSv1.1" draft was submitted > and almost 7 years after DTLS 1.0 was made obsolete. > > > No matter what is done in this particular case, I think the important thing > to discuss is how we avoid drafts that only support obsolete versions of > TLS/DTLS in the future. According to my understanding of the comments in the > thread "Lessons learned from TLS 1.0 and TLS 1.1 deprecation", both me, > Kathleen Moriarty, and Martin Thomson understands obsoleted as: > > "New implementations and deployments MUST include support of the new version". > > If this is not clearly defined somewhere, I think it needs to be specified. > If it is specified somewhere, IETF needs to make sure to follow apply it. > > Cheers, > John > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
