> On 7/15/22 2:37 PM, Martin Thomson wrote:
>> On Sat, Jul 16, 2022, at 06:01, Peter Saint-Andre wrote:
>>> Shouldn’t this be "Implementations MUST support TLS 1.2 {{!RFC5246}} or a later version"?
>>> Otherwise, protocols like QUIC would presumably not be compliant with this BCP if they only
>>> support TLS 1.3? Or alternatively, this could probably be stated as "Implementations MAY
>>> support TLS 1.2 {{!RFC5246}}".
>>
>> The implementations we've always had in mind for this document are
>> TLS/DTLS implementations, not implementations of protocols that re-use
>> TLS/DTLS in whole or in part (e.g. QUIC re-uses the handshake protocol
>> but not the record layer). However, that's not crystal clear in the
>> document because we only recently started mentioning QUIC. I'll talk
>> with my co-authors about this when we next have a chance to meet
>> regarding all the recent feedback.
>
> I think that you are right to be cautious here. What you want to have happen
> is interoperability. If you say 1.2 or later, then there is a risk of some
> implementations doing 1.2 only and some doing 1.3 only, then you lose the
> ability to communicate.
>
> I think that you might benefit from putting QUIC out of scope, except to note
> that some of the advice is applicable to QUIC insofar as it uses the TLS (1.3)
> handshake.

Thanks, that seems like a reasonable approach.
Peter
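Martin's interoperability point, as an added example that is not from the thread or the draft: a small model of TLS version negotiation that checks, for each candidate wording, whether every pair of compliant implementations can still complete a handshake. The version sets and the population of implementations are constructed for the illustration.

```python
# Added example (not from the uta thread or the draft): model which BCP
# wording guarantees interoperability between compliant TLS stacks.
from itertools import combinations

TLS12, TLS13 = 0x0303, 0x0304   # ProtocolVersion values (RFC 5246, RFC 8446)
NAME = {TLS12: "TLS 1.2", TLS13: "TLS 1.3"}

def negotiate(client, server):
    """Return the version the handshake lands on, or None if it fails.

    RFC 8446 section 4.2.1: the server picks the highest version in the
    client's supported_versions that it also implements. A legacy TLS 1.2
    client offers only legacy_version 0x0303, which behaves like a
    one-element supported set, so an intersection models both cases.
    """
    common = client & server
    return max(common) if common else None

# Candidate wordings from the thread, as predicates on a stack's version set.
POLICIES = {
    "MUST support TLS 1.2 or a later version": lambda v: any(x >= TLS12 for x in v),
    "MUST support TLS 1.2": lambda v: TLS12 in v,
}

def interop_failures(policy, implementations):
    """Pairs of policy-compliant stacks that cannot negotiate any version."""
    compliant = [v for v in implementations if policy(v)]
    return [(a, b) for a, b in combinations(compliant, 2)
            if negotiate(a, b) is None]

# Constructed population: a 1.2-only stack, a 1.3-only stack (the QUIC-style
# case raised in the thread), and a stack that implements both.
IMPLEMENTATIONS = [frozenset({TLS12}), frozenset({TLS13}),
                   frozenset({TLS12, TLS13})]

def describe(v):
    return "+".join(NAME[x] for x in sorted(v))

def report(implementations=IMPLEMENTATIONS):
    """Map each wording to the compliant pairs that fail to interoperate."""
    return {wording: [(describe(a), describe(b))
                      for a, b in interop_failures(policy, implementations)]
            for wording, policy in POLICIES.items()}

if __name__ == "__main__":
    for wording, fails in report().items():
        print(f"{wording!r}: {'no failing pairs' if not fails else fails}")
```

The "or a later version" wording admits both a 1.2-only and a 1.3-only stack as compliant, and that pair has no common version; naming one mandatory version removes the failing pair.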
_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta