On 4/27/20 3:03 AM, tom petch wrote:
> What is the point of rfc7525bis? Why do we need it?

We explained much of the reasoning in the meeting last week:

https://datatracker.ietf.org/doc/slides-interim-2020-uta-01-sessa-tls-bcp-the-next-generation/

The topics we (the co-authors) plan to address in a bis document include:

- Add TLS 1.3
- Definitively deprecate earlier TLS versions (cf. draft-ietf-tls-oldversions-deprecate)
- Update treatment of fallback in view of SCSV (RFC 7507)
- Indicate issues that are relevant only to TLS 1.2 vs. those that remain in TLS 1.3
- Specific TLS 1.3 gotcha: 0-RTT – what should we say here?
- Mention Certificate Transparency
- Mention Encrypted SNI
- Recommend 1.3-only (no 1.2) for new “greenfield” protocols and embedding in a different context (e.g., as in QUIC)
- Provide guidance on handling of multiplexed protocols (RFC 8740)
- Provide guidance on handling TLS 1.2 renegotiation / tickets to ensure forward secrecy
- DTLS versions (recommend DTLS 1.3 if draft-ietf-tls-dtls13 is approved in time?)
- Remove (or move to appendix) issues that are mostly fixed (e.g., compression, renegotiation)
- Reword some of the background but leave the motivation (i.e., attacks) for TLS 1.2

Additional topics were also raised during the meeting last week, such as recommending larger key sizes.

Peter