Hi, What is the definition of “enterprise”?
Thanks, Rob On Thu, Dec 3, 2020 at 7:48 PM Ackermann, Michael <mackerm...@bcbsm.com> wrote: > Deborah > > Thanks so much for your informative and positive message. > > I have not followed the OPs area too much, but will make an effort to do > so now. Any specific drafts you might suggest, I will review. In > particular, I am interested in what specific IPv6 document from the OPs > area you refer too? > > > > I took a look at the ISOC IPv6 doc you listed. Interesting but it > appears to be quite old. Do you feel it is still relevant? Enterprises > need a lot of info on IPv6 and I want to point them in the most effective > directions. > > By increasing visibility, do you mean ways to get Enterprises more > involved or aware of IETF? I can sadly say none that have yet been > effective, but I do intend to keep trying. Perhaps you have ideas? > > > > And finally, I checked out your Pragmatic Link. Still laughing, even > though it unfortunately seems to have very little relevance to my world 😊 > > > > Once again I really appreciate your constructive comments and > information. > > > > Mike > > > > -----Original Message----- > From: BRUNGARD, DEBORAH A <db3...@att.com> > Sent: Thursday, December 3, 2020 5:10 PM > To: STARK, BARBARA H <bs7...@att.com>; 'Watson Ladd' < > watsonbl...@gmail.com>; Ackermann, Michael <mackerm...@bcbsm.com> > Cc: 'Peter Gutmann' <pgut...@cs.auckland.ac.nz>; 'Eliot Lear' <lear= > 40cisco....@dmarc.ietf.org>; 'last-c...@ietf.org' <last-c...@ietf.org>; ' > tls-cha...@ietf.org' <tls-cha...@ietf.org>; ' > draft-ietf-tls-oldversions-deprec...@ietf.org' < > draft-ietf-tls-oldversions-deprec...@ietf.org>; 'tls@ietf.org' < > tls@ietf.org> > Subject: RE: [Last-Call] [TLS] Last Call: > <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and > TLSv1.1) to Best Current Practice > > > > [External email] > > > > > > As Barbara builds her confidence for the IETF list and while we have > Mike's attention- > > > > Mike, you commented "More, it is a lack of understanding of how things > work within Enterprise Networks and the lack of Enterprise engagement in > Standards Development processes. And finally, this may not be a gap that > the IETF should care about or address, but someone should, IMHO." > > > > I wanted to +1 on to Barbara's message - many of us will say - "we do > care". As IETF is "huge" (for many operators/users that is the biggest > bottleneck on participating), not sure if you follow the ops area (I'm a > routing AD, but ops always has my attention😊), they have several > documents on enterprises. Currently a document on the impact of TLS1.3 on > operational network security practices. They also have an IPv6 one. I think > in all the Areas (I know best the routing area), we encourage operators and > users to participate. If you have suggestions - we are interested. > > > > How to increase visibility? Do you have suggestions? Liaisons? ISOC? When > RFC7381 (Enterprise IPv6) was done, it was an ISOC blog: > > > https://www.internetsociety.org/blog/2014/10/new-rfc-7381-enterprise-ipv6-deployment-guidelines/ > > > > Possibly this draft should be a blog? Suggestions? > > > > Thanks again for the interesting thread- Deborah for some humor - I'm > still stumbling on the draft's requirement "Pragmatically, clients MUST NOT > send". I'm not sure operationally how to ensure pragmatic client behavior - > maybe a "pragmatic client" profile😊 I'll save that question for my > ballot comment. And of course a google of pragmatic is very entertaining: > > > https://www.google.com/search?q=pragmatic&tbm=isch&source=iu&ictx=1&fir=UnkLahjDGGZYtM%252C2VmBAP_98FtW_M%252C%252Fm%252F0c6h9&vet=1&usg=AI4_-kQHPVOk9B-3gfzcXUP1bBCiuOQ5TQ&sa=X&ved=2ahUKEwjxqN-W1rLtAhXKhK0KHWuFBGYQ_B16BAgrEAE#imgrc=WzKrFQWEFvjiWM > > > > > > > > -----Original Message----- > > From: last-call <last-call-boun...@ietf.org> On Behalf Of STARK, BARBARA H > > Sent: Thursday, December 3, 2020 12:03 PM > > To: 'Watson Ladd' <watsonbl...@gmail.com>; 'Ackermann, Michael' < > mackerm...@bcbsm.com> > > Cc: 'Peter Gutmann' <pgut...@cs.auckland.ac.nz>; 'Eliot Lear' < > lear=40cisco....@dmarc.ietf.org>; 'last-c...@ietf.org' <last-c...@ietf.org>; > 'tls-cha...@ietf.org' <tls-cha...@ietf.org>; ' > draft-ietf-tls-oldversions-deprec...@ietf.org' < > draft-ietf-tls-oldversions-deprec...@ietf.org>; 'tls@ietf.org' < > tls@ietf.org> > > Subject: Re: [Last-Call] [TLS] Last Call: > <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and > TLSv1.1) to Best Current Practice > > > > Ow! Mike is my friend. Don't go dissing my friend! > > > > I think the problem in communication we've just experienced is because > Mike strayed away from Last Call discussion on a specific document, to > asking/discussing a more general question of how IETF can better > communicate with enterprises and perhaps even engage with enterprises to > make it easier to operationalize protocols inside enterprise networks. I > didn't see Mike suggesting any changes to the draft in Last Call, relevant > to this question. ? > > > > I'd like to suggest that maybe we could discuss this a little more on the > ietf list? But not here. > > I'll see what happens if I start a thread over there (i...@ietf.org) ... > > Barbara > > > > [Let me drum up my courage first. Thinking about posting to that list is > much more stressful to me than, for example, thinking about bungie jumping > off the Macau Tower -- an experience I highly recommend.] > > > > > > Barbara, > > > > Thanks. > > > > And I think I was aware of all you state below regarding TLS, and > > > > apologize > > > for any related confusion regarding IPv6, even though, for the > > > purposes of my comment, they are similar. > > > > > > > > > > > > I don't disagree with anything you say on the TLS subject, which is > > > essentially that prior versions of TLS may be considered insecure, > > > etc. and should be deprecated..... > > > > > > Shouldn't we publish a document saying that? It seems this would > > > represent consensus, even your view of the issue. > > > > > > > > > > > My associated point is that Enterprises are generally not aware of > > > > this and > > > that it is not currently on our Planning or Budget Radars. > > > > > > > > > TLS 1.2 has been around for how many years? All versions of OpenSSL > > > without support have been EOL for some time. How many other CVE remain > > > to be found in them? FIPS, PCI etc are all very clear that old TLS is > > > going away. Browsers have supported TLS 1.2 for years. So has Windows. > > > This depreciation should be easy given the extent of support for TLS > > > 1.2. > > > > > > I bet that most services you run are already using TLS 1.2 or even 1.3 > > > because the client and server have been updated. > > > > > > > Further, this means we are potentially years from effectively and > > > operationally addressing such issues. > > > > > > Let's be about it. > > > > > > > And we must do so in conjunction with Partners, Clouds, Clients > > > > and > > > others. > > > > And my general, overall point is that the answer to addressing the > > > > above is > > > to find way(s) of making Enterprises aware and possibly assisting with > > > methods of addressing. I think I also said this problem is not > unique to TLS > > > or IPv6. More, it is a lack of understanding of how things work > within > > > Enterprise Networks and the lack of Enterprise engagement in Standards > > > Development processes. > > > > And finally, this may not be a gap that the IETF should care about > > > > or > > > address, but someone should, IMHO. > > > > > > Your argument against the current text seems to be the following: we > > > have a problem. It is inconvenient for me that you will ask me to deal > > > with the problem. Therefore I would like the problem to not be > > > acknowledged. > > > > > > Perhaps I am being too uncharitable. But I fail to see how softening > > > the language eases depreciation, or what the consequence you fear > > > happening are. You're free to continue ignoring the RFC series. But > > > reality does not go away if it is ignored. > > > > > > Sincerely, > > > Watson Ladd > > > > > > > > > > > Thanks > > > > > > > > Mike > > -- > > last-call mailing list > > last-c...@ietf.org > > > https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/last-call__;!!BhdT!1mNyW_HOYqxvO6jkrkE01zLoel9zrEb9Om34gLPLPqvikiDKKm4gJz3zSSrsDXk$ > <https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/last-call__;!!BhdT!1mNyW_HOYqxvO6jkrkE01zLoel9zrEb9Om34gLPLPqvikiDKKm4gJz3zSSrsDXk$> > > The information contained in this communication is highly confidential and > is intended solely for the use of the individual(s) to whom this > communication is directed. If you are not the intended recipient, you are > hereby notified that any viewing, copying, disclosure or distribution of > this information is prohibited. Please notify the sender, by electronic > mail or telephone, of any unintended receipt and delete the original > message without making any copies. > > Blue Cross Blue Shield of Michigan and Blue Care Network of Michigan are > nonprofit corporations and independent licensees of the Blue Cross and Blue > Shield Association. > -- > last-call mailing list > last-c...@ietf.org > https://www.ietf.org/mailman/listinfo/last-call >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
