Ketan Talaulikar has entered the following ballot position for draft-ietf-tls-tls12-frozen-07: No Objection
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-tls-tls12-frozen/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thanks for this document. A couple of comments (that I found ambiguous) for consideration of the authors and the responsible AD. 1) Section 1 "This document specifies that outside of urgent security fixes, and the exceptions listed in Section 4, no changes will be approved for TLS 1.2." Following the conversations, it seems like the goal is for IETF to not adopt or approve work related to TLS 1.2 except some (exceptional) cases of security issues that are agreed upon in the TLS WG. If so, text along those lines would help clear ambiguities. 2) Section 2 "Put bluntly, post-quantum cryptography for TLS 1.2 WILL NOT be supported (see Section 4) at any time and anyone wishing to deploy post-quantum cryptography should expect to be using TLS 1.3." The use of uppercase BCP14-like language tripped me as well. I believe the intention here is again that this work not be undertaken in the IETF (i.e., enhancements related to PQC MUST NOT be specified by IETF?). Is there something to be added in the IANA considerations with regards to guidance to DEs to follow the guidelines in this document and not make allocations for TLS 1.2 extensions that may come from outside the IETF standards track? Finally a question, unrelated to this document, does the TLS WG charter need an update to capture some of this decision/direction? _______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
