On Mon, May 22, 2023 at 3:49 PM Eric Rescorla <e...@rtfm.com> wrote:
> On Mon, May 22, 2023 at 1:09 PM Rob Sayre <say...@gmail.com> wrote:
>
>> The one real problem (imho) with the document is nested MUST requirements:
>> https://mailarchive.ietf.org/arch/msg/tls/6x0uEVIUCBwMOIaV3UBzqeRt6Ys/
>>
>> EKR called this "guidance", but RFC 2119 says MUST is "an absolute
>> requirement". The document needs to use the 2119 requirements language
>> correctly. I understand the goal, which is to preserve wire-format
>> compatibility in older TLS versions, even though they have security flaws.
>>
>
> As you indicate, the context here is that RFC 8996 forbids TLS < 1.2, but
> we know people might ignore that and thus this text is intended to provide
> requirements for people who do so. It's an inherently contradictory
> situation, but also the one we find ourselves in.
>

It doesn't seem like this text should be difficult to fix. The introduction
says "The primary goal of TLS is to provide a secure channel between two
communicating peers...". Couldn't the document say that the <1.2 versions no
longer meet this goal, but nevertheless have compatibility requirements?
That's a bit different from calling a MUST "guidance". I think words matter
here.

thanks,
Rob
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls