[TLS] Re: Ketan Talaulikar's No Objection on draft-ietf-tls-tls12-frozen-07: (with COMMENT)

Tue, 01 Apr 2025 09:59:05 -0700 

I should probably have a tattoo made somewhere that lists the BCP 14 words.  As 
WILL NOT has no standing, I will gladly change it to lowercase.  Thank you.

From: Deb Cooley <debcool...@gmail.com>
Date: Tuesday, April 1, 2025 at 12:30 PM
To: Salz, Rich <rsalz=40akamai....@dmarc.ietf.org>
Cc: Ketan Talaulikar <ketant.i...@gmail.com>, The IESG <i...@ietf.org>, 
draft-ietf-tls-tls12-fro...@ietf.org <draft-ietf-tls-tls12-fro...@ietf.org>, 
tls-cha...@ietf.org <tls-cha...@ietf.org>, tls@ietf.org <tls@ietf.org>, 
s...@sn3rd.com <s...@sn3rd.com>
Subject: Re: Ketan Talaulikar's No Objection on draft-ietf-tls-tls12-frozen-07: 
(with COMMENT)
I think the question may be why 'WILL NOT' vice 'will not'. . . . especially 
since 'will' and 'will not' isn't listed in BCP 14 as 'special'. will not is 
just as normative as WILL NOT without the BCP
ZjQcmQRYFpfptBannerStart
This Message Is From an External Sender
This message came from outside your organization.

ZjQcmQRYFpfptBannerEnd
I think the question may be why 'WILL NOT' vice 'will not'.... especially since 
'will' and 'will not' isn't listed in BCP 14 as 'special'.

will not is just as normative as WILL NOT without the BCP 14 baggage....

Deb

On Tue, Apr 1, 2025 at 10:59 AM Salz, Rich 
<rsalz=40akamai....@dmarc.ietf.org<mailto:40akamai....@dmarc.ietf.org>> wrote:

Work on post-quantum cryptography for TLS 1.2 SHOULD NOT be undertaken (see 
Section 4) in the IETF and anyone wishing to deploy post-quantum cryptography 
is expected to use TLS 1.3 (or newer). Related work MAY be taken up by the TLS 
WG consensus in exceptional scenarios.

The consensus of the WG is “WILL NOT”. That is clear and more definitive than 
SHOULD. The last sentence seems superfluous given the early mention of “only 
security issues.” The WG also discussed the “or later” construct and decided 
against it since we don’t know what 1.3-next will have. Taken together, that 
leaves us with the current wording.

BCP14 keywords are recognized industry-wide (not just within IETF). IMHO it 
would be helpful if the message is clear using those keywords. I'll leave this 
to my SEC AD colleagues :-)

Sure.


_______________________________________________
TLS mailing list -- tls@ietf.org
To unsubscribe send an email to tls-le...@ietf.org

Reply via email to