On Fri, Oct 4, 2019 at 9:48 PM Eric Rescorla <e...@rtfm.com> wrote: > > > On Fri, Oct 4, 2019 at 7:43 AM Rob Sayre <say...@gmail.com> wrote: > >> On Fri, Oct 4, 2019 at 9:08 PM Cullen Jennings <flu...@iii.ca> wrote: >> >>> >>> I do not think you have consensus for that change to WebRTC - it was >>> discussed extensively. ... >>> >> >> While that may be true, readers of this list might want to read a >> rationale, rather than just the results of a negotiation. Is there a >> rationale somewhere? >> >> It seems strange to put DTLS 1.0 (based on TLS 1.1) into new documents. >> > > A few points. > > 1. It doesn't pull it in. There's no reference and there's just an > informative statement. >
Shouldn't there be an informative reference? > 2. There is a rationale. In fact, the relevant text pretty much is all > rationale. > > All Implementations MUST support DTLS 1.2 with the > TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite and the P-256 > curve [FIPS186 > <https://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-20#ref-FIPS186>]. > Earlier drafts of this specification required DTLS > 1.0 with the cipher suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, and > at the time of this writing some implementations do not support DTLS > 1.2; endpoints which support only DTLS 1.2 might encounter > interoperability issues. > > Yes, I read this section and I was wondering what the rationale was for the text: "endpoints which support only DTLS 1.2 might encounter interoperability issues." Is there some data behind this? I'm not suggesting a change in the draft without more information, but I do wonder how the WG came to agree on this text. thanks, Rob
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
