The term "obsolete" appears to be used incorrectly when it comes to TLS/DTLS 1.2 used in the IoT environment. It is widely used today and I expect it to be used for a while since (a) there are no security problems with it (when configured correctly), and (b) for many use cases it also offers suitable performance. There is a well-tested open source codebase available for TLS/DTLS 1.2. While I am a big fan of TLS / DTLS 1.3, I would also like to acknowledge the speed at which the market operates.
From: John Mattsson <john.matts...@ericsson.com> Sent: Thursday, November 4, 2021 2:11 PM To: Hannes Tschofenig <hannes.tschofe...@arm.com>; IETF TLS <tls@ietf.org> Subject: Re: Flags Extension: why only for TLS 1.3? TLS 1.2 has been obsolete for over three years. Oxford dictionary defines obsolete as "no longer produced or used; out of date." NIST requires support of TLS 1.3 everywhere no later than Jan 2024, which at least in theory means no negotiation of TLS 1.2. I think IETF, TLS WG, and TLS libraries should spend their time on TLS 1.3 rather than giving the false idea it is ok to stay on TLS 1.2. John From: TLS <tls-boun...@ietf.org<mailto:tls-boun...@ietf.org>> on behalf of Hannes Tschofenig <hannes.tschofe...@arm.com<mailto:hannes.tschofe...@arm.com>> Date: Monday, 25 October 2021 at 19:12 To: IETF TLS <tls@ietf.org<mailto:tls@ietf.org>> Subject: [TLS] Flags Extension: why only for TLS 1.3? Hi all, why is the flags extension only defined for TLS 1.3? There is nothing in this extension that prevents us from using it also in TLS 1.2. Could we make it also available to TLS 1.2? Ciao Hannes IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
