Most people in the positions you describe are not experts themselves, but rely on the recommendations and analysis of prominent industry groups because they know that that is likely to produce better answers than every IT practitioner trying to determine the answer themselves.
Agree, in general. The best and brightest will say “what has the TLS working group at IETF said about this important topic?” Which is why it is useful for us to provide high quality analysis and practical guidance about how we think any upcoming transition(s) and upgrade(s) will go. And why it is important that we get it right … And I don’t think we did. TNX From: TLS <tls-boun...@ietf.org> On Behalf Of Salz, Rich Sent: Tuesday, January 2, 2024 10:06 AM To: Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu> Cc: TLS@ietf.org Subject: Re: [TLS] [EXT] Re: Adoption call for 'TLS 1.2 Feature Freeze' My starting assumption here is that the majority of people implementing TLS and/or deciding what to authorize for deployment TLS-wise, are not stupid, and understand the benefits of the newer protocol version, including its added security. And capable of evaluating the risks of moving to TLS 1.3 vs. staying with 1.2. That is a much nicer and broader brush than one I am willing to use to paint the IT industry.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
