Hi Toerless, all, Please see inline one clarification comment as I think that is important.
Cheers, Med > -----Message d'origine----- > De : Toerless Eckert <t...@cs.fau.de> > Envoyé : mardi 8 avril 2025 18:05 > À : draft-ietf-uta-require-tls13....@ietf.org; last-c...@ietf.org; > uta@ietf.org; i...@ietf.org > Cc : iot...@ietf.org; an...@ietf.org; draft-ietf-anima-brski- > p...@ietf.org > Objet : Concern about draft-ietf-uta-require-tls13-10 with IoT > protocols > > > Dear IESG, *: > > We received IESG review for draft-ietf-anima-brski-prm that was > asking to make the use of TLS 1.3 mandatory based on the > expectation that draft-ietf-uta-require-tls13 would become RFC - [Med] I guess you were referring to a comment I made. If so, that's not exactly reflecting my comment. I'm copying/pasting here, fwiw; ================ > > > > # Requires TLS1.3 > > > > CURRENT: > > As already stated in [RFC8995], the use of TLS 1.3 (or newer) > is > > encouraged. TLS 1.2 or newer is REQUIRED on the Registrar- > Agent > > side. TLS 1.3 (or newer) SHOULD be available on the > registrar, but > > TLS 1.2 MAY be used. TLS 1.3 (or newer) SHOULD be available > on the > > MASA, but TLS 1.2 MAY be used. > > > > Please update to take into to reflect draft-ietf-uta-require- > tls13. > [stf] I saw that there was already discussion on this issue. I created > a corresponding issue as > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2F > github.com%2Fanima-wg%2Fanima-brski- > prm%2Fissues%2F139&data=05%7C02%7Cmohamed.boucadair%40orange.com%7 > Ceddc725b341946fbca5008dd75ef55af%7C90c7a20af34b40bfbc48b9253b6f5d > 20%7C0%7C0%7C638796392977548468%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU > 1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIs > IldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=WqjjxqsAWc9oufFDjJGYsHRdYK9cku > v2CnKiUb5yHrA%3D&reserved=0 > We will discuss the use of TLS 1.2 and if there is a desire to also > allow or existing pledges, that may have no option to only allow TLS > 1.3, we would add a note as suggested and explain the necessity. > [Med] ACK. I'm neutral on the outcome here, but I'd like we back the design and include some reasoning if we don't follow the UTA reco. Thanks. ============== Cheers, Med ____________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you. _______________________________________________ Uta mailing list -- uta@ietf.org To unsubscribe send an email to uta-le...@ietf.org
