On Dec 2, 2020, at 1:51 PM, STARK, BARBARA H <bs7...@att.com> wrote: > The final version of this was published over a year ago (August 2019). The > first draft was in 2017. > You said enterprises needed 1-2 years (or more) lead time. In the US, I think > they've had at least 3 years lead time, so far.
Actually, when we had this conversation in Prague in 2017 (admittedly, at the time we were talking about the TLS 1.3 transition), Michael mentioned that he’d been asking for extensions for PCI compliance in the transition to TLS 1.2. IIRC the requirements had been announced at least five years prior, although I don’t remember the precise details. So the point is, this was something that any industry that processes credit cards has known about and had as a burning issue for much longer than 1-2 years.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
