On Sun, Oct 6, 2019 at 9:42 AM Benjamin Kaduk <ka...@mit.edu> wrote:

> On Fri, Oct 04, 2019 at 09:57:53PM +0700, Rob Sayre wrote:
> > On Fri, Oct 4, 2019 at 9:48 PM Eric Rescorla <e...@rtfm.com> wrote:
> >
> > >
> > >
> > > On Fri, Oct 4, 2019 at 7:43 AM Rob Sayre <say...@gmail.com> wrote:
> > >
> > >> On Fri, Oct 4, 2019 at 9:08 PM Cullen Jennings <flu...@iii.ca> wrote:
> > >>
> > >>>
> > >>> I do not think you have consensus for that change to WebRTC - it was
> > >>> discussed extensively. ...
> > >>>
> > >>
> > >>  While that may be true, readers of this list might want to read a
> > >> rationale, rather than just the results of a negotiation. Is there a
> > >> rationale somewhere?
> > >>
> > >> It seems strange to put DTLS 1.0 (based on TLS 1.1) into new
> documents.
> > >>
> > >
> > > A few points.
> > >
> > > 1. It doesn't pull it in. There's no reference and there's just an
> > > informative statement.
> > >
> >
> > Shouldn't there be an informative reference?
>
> I think that's largely a question for the sponsoring AD (CC'd) and the RFC
> Editor.
>
> >
> > > 2. There is a rationale. In fact, the relevant text pretty much is all
> > > rationale.
> > >
> > >    All Implementations MUST support DTLS 1.2 with the
> > >    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite and the P-256
> > >    curve [FIPS186 <https://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-20#ref-FIPS186>].
> > >    Earlier drafts of this specification required DTLS
> > >    1.0 with the cipher suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, and
> > >    at the time of this writing some implementations do not support DTLS
> > >    1.2; endpoints which support only DTLS 1.2 might encounter
> > >    interoperability issues.
> > >
> > >
> > Yes, I read this section and I was wondering what the rationale was for
> > the text: "endpoints which support only DTLS 1.2 might encounter
> > interoperability issues." Is there some data behind this? I'm not
> > suggesting a change in the draft without more information, but I do
> > wonder how the WG came to agree on this text.
>
> My assumption (I was not following the work) is that it was a well-known
> fact among implementors at the time that some large implementations only
> implemented DTLS 1.0.


Yes, though I don't have data on it.


> Accordingly, "might encounter interoperability
> issues" is a bland uncontroversial fact, in that context.  It's not clear
> to me that we are adding much value revisiting the rtcweb WG's decisions
> over here on the TLS WG without getting input from rtcweb about why they
> put it that way in the first place...
>

Fortunately, the WGs share a chair, so perhaps that chair could provide the
minutes, etc. :)

-Ekr


> -Ben
>
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
