This version has some minor wording fixes, but the main thrust is that I tried to clarify ambiguities around which version to use. Please take a look, especially people who commented on the thread[1] (Alan DeKok, David Benjamin, among others)
[1] https://mailarchive.ietf.org/arch/msg/uta/zFuhbAU188ptI_re_lFtwb24Vj4/ I hope that this is now ready for WGLC, but let's see what people say. :) On 7/24/24, 6:39 PM, "internet-dra...@ietf.org <mailto:internet-dra...@ietf.org>" <internet-dra...@ietf.org <mailto:internet-dra...@ietf.org>> wrote: A new version of Internet-Draft draft-ietf-uta-require-tls13-01.txt has been successfully submitted by Rich Salz and posted to the IETF repository. Name: draft-ietf-uta-require-tls13 Revision: 01 Title: New Protocols Must Require TLS 1.3 Date: 2024-07-24 Group: uta Pages: 8 URL: https://www.ietf.org/archive/id/draft-ietf-uta-require-tls13-01.txt Status: https://datatracker.ietf.org/doc/draft-ietf-uta-require-tls13/ HTML: https://www.ietf.org/archive/id/draft-ietf-uta-require-tls13-01.html Diff: https://urldefense.com/v3/__https://author-tools.ietf.org/iddiff?url2=draft-ietf-uta-require-tls13-01 Abstract: TLS 1.2 is in widespread use and can be configured such that it provides good security properties. TLS 1.3 is also in widespread use and fixes some known deficiencies with TLS 1.2, such as removing error-prone cryptographic primitives and encrypting more of the traffic so that it is not readable by outsiders. Since TLS 1.3 use is widespread, new protocols must require and assume its existence. This prescription does not pertain to DTLS (in any DTLS version); it pertains to TLS only. The IETF Secretariat _______________________________________________ Uta mailing list -- uta@ietf.org To unsubscribe send an email to uta-le...@ietf.org
