On Fri, Oct 4, 2019 at 7:43 AM Rob Sayre <say...@gmail.com> wrote:

> On Fri, Oct 4, 2019 at 9:08 PM Cullen Jennings <flu...@iii.ca> wrote:
>
>>
>> I do not think you have consensus for that change to WebRTC - it was
>> discussed extensively. ...
>>
>
> While that may be true, readers of this list might want to read a
> rationale, rather than just the results of a negotiation. Is there a
> rationale somewhere?
>
> It seems strange to put DTLS 1.0 (based on TLS 1.1) into new documents.
>

A few points.

1. It doesn't pull it in. There's no reference and there's just an
informative statement.
2. There is a rationale. In fact, the relevant text pretty much is all
rationale.

   All Implementations MUST support DTLS 1.2 with the
   TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite and the P-256
   curve [FIPS186
   <https://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-20#ref-FIPS186>].
   Earlier drafts of this specification required DTLS
   1.0 with the cipher suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, and
   at the time of this writing some implementations do not support DTLS
   1.2; endpoints which support only DTLS 1.2 might encounter
   interoperability issues.

-Ekr

Rob

> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>