Éric Vyncke has entered the following ballot position for draft-ietf-uta-require-tls13-10: Yes

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)

Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-uta-require-tls13/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

# Éric Vyncke, INT AD, comments for draft-ietf-uta-require-tls13-10

CC @evyncke

Thank you for the work put into this document. It is always useful to stress the important security standards.

Please find below some non-blocking COMMENT points (but replies would be appreciated even if only for my own education).

Special thanks to Valery Smyslov for the shepherd's write-up including the WG consensus ***but it lacks*** the justification of the intended status.

Other thanks to Scott Rose, the DNS directorate reviewer; please consider this int-dir review and one typo: https://datatracker.ietf.org/doc/review-ietf-uta-require-tls13-10-dnsdir-telechat-rose-2025-03-27/ (and I have read the reply)

I hope that this review helps to improve the document,

Regards,

-éric

## COMMENTS (non-blocking)

### Title

Should the title be "At Least v1.3 of TLS"?

### Abstract

The sentence about the example does not really fit an abstract; please remove it.

Unsure how to read `fixed weaknesses in TLS 1.2`? I.e., if they are fixed, then why move to TLS 1.3?

### Section 1

The first paragraph is somehow self-contradicting: "good security properties" vs. "several deficiencies" vs. "bespoke configuration".

### Section 4

I would remove the DoT counter-example; it is only confusing.

Isn't the set of crypto algorithms also part of the negotiation? I.e., a 'stupid' configuration could have TLS 1.2 with really good crypto and TLS 1.3 with an average one (in a couple of years). Should the text mention this as well?

### Section 6

While this section proposes mitigations to some attacks against TLS 1.2, it does not do so for *all* attacks, while the section claims that a bespoke configuration can fix all weaknesses of TLS 1.2.