On 7/18/22 10:15 AM, Martin Thomson wrote:
On Mon, Jul 18, 2022, at 15:34, Rob Wilton (rwilton) wrote:
I completely get wanting the interop, but the MUST implement TLS 1.2
still feels too strong given that AIUI, one of the reasons for TLS 1.3
was to help mitigate some of the security issues that turned up in TLS
1.2. It feels reasonable to me for a server deployment to decide that
they will only support TLS 1.3 because it is easier to deploy securely,
placing the requirement on the client to also support TLS 1.3 for
successful interop.
There is potentially room here for a "MUST...unless" shape to the document. I
am not aware of any that do this currently, but a few years ago some websites dropped
support for TLS 1.0 and 1.1 because they could be confident that browsers supported TLS
1.2. Or at least all those they cared about did. You might be able to conclude the same
for TLS 1.3 today.
But I don't think that you can drop TLS 1.2 today without some care and that
approach is not really generally applicable.
Not yet, no.
Rob, I'd like to reiterate that we expect this BCP to be updated again
once the facts on the ground justify doing so. I suspect this will be
the case when TLS 1.3 is even more widely supported and the IETF is ready to
deprecate TLS 1.2. Maybe that will be 3-5 years from now (who knows?),
but the consensus of the UTA WG was that this time is not yet. It is,
after all, Best Current Practice not Best Future Practice. ;-) I would
like to suggest that we publish the recommendations as they stand in the
document now, and then update the BCP again with less than a 7-year gap
next time.
Peter
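The interop trade-off the thread is arguing over, shown as an added example (not code from the thread or from the BCP): a server whose floor is TLS 1.3 simply refuses a client whose ceiling is TLS 1.2, whereas a server that still accepts TLS 1.2 negotiates with both. It uses Go's crypto/tls over an in-memory pipe with a throwaway self-signed certificate; the `Handshake` helper and its parameters are mine, not anything the thread names.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"math/big"
	"net"
	"time"
)

// selfSignedCert builds a throwaway ECDSA certificate for the local test server.
func selfSignedCert() tls.Certificate {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
}

// Handshake runs one TLS handshake between a server whose minimum version is
// serverMin and a client whose maximum version is clientMax, and returns the
// negotiated version, or 0 and the error when the two cannot agree.
func Handshake(serverMin, clientMax uint16) (uint16, error) {
	srvConf := &tls.Config{MinVersion: serverMin, Certificates: []tls.Certificate{selfSignedCert()}}
	cliConf := &tls.Config{MaxVersion: clientMax, InsecureSkipVerify: true} // constructed test: no trust anchor
	c, s := net.Pipe()
	defer c.Close()
	defer s.Close()
	srv, cli := tls.Server(s, srvConf), tls.Client(c, cliConf)
	srvErr := make(chan error, 1)
	go func() { srvErr <- srv.Handshake() }()
	if err := cli.Handshake(); err != nil {
		return 0, err // e.g. server min 1.3 vs client max 1.2: protocol_version alert
	}
	if err := <-srvErr; err != nil {
		return 0, err
	}
	return cli.ConnectionState().Version, nil
}
```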
_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta