Re: [Last-Call] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice


 



On 10/11/2020 11:18, Stephen Farrell wrote:

Hiya,

On 10/11/2020 10:21, tom petch wrote:
I am confused about the treatment here of DTLS.

The Abstract seems clear about the proposed action for TLS but then
the second paragraph has
" This document also deprecates Datagram TLS (DTLS) version 1.0
(RFC6347)"

Mmmm, really?

Sorry, I don't understand the comment. If you're just teeing
up what's below that's fine, but I wasn't sure.

Try looking at the I-D References and see what you find for RFC6347 and see if you want to deprecate it!

There is a list of current RFC that Normatively reference the
deprecated versions of DTLS and TLS; and then a list of obsolete RFC
that Normatively reference TLS but for DTLS...?  I look, for example,
for RFC5953 which is obsolete and which Normatively references DTLS 1.0
but without success; nor can I find RFC6353 which is current and which
Normatively references DTLS 1.0 (and which is part of a STD - not sure
what that does to the Standard)

Could be we missed some references for sure. An early
version of those lists was produced from a script I wrote
and those were edited as people commented - I always
figured we'd make that better when getting comments at
IETF LC.

Is the gist of your comment then "add 6353 and 5953 to
the relevant lists" (which'd be fine by me) or that we
need to do something else/more? (In the latter case, I'm
not sure what you're suggesting so clarifying that'd be
good.)

I was not looking for anything missing but, even so, came across these two without even looking so I am suspecting that the algorithm you used did not cater for DTLS 1.0, perhaps when it is in combination with TLS or some such, as it is in these two cases, and that there will be more out there that have been missed. Perhaps a second look at the algorithm to work out why these got missed to get a fix on how many more there may be.

Tom Petch


And, in several places
/supercede/supersede/

One for the RFC editor I guess. But sure, will make 'em
all the same:-)

Thanks,
S.


Tom Petch


On 09/11/2020 22:26, The IESG wrote:

The IESG has received a request from the Transport Layer Security WG
(tls) to consider the following document: - 'Deprecating TLSv1.0 and
TLSv1.1' <draft-ietf-tls-oldversions-deprecate-09.txt> as Best Current
Practice

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
last-call@xxxxxxxx mailing lists by 2020-11-30. Exceptionally,
comments may be sent to iesg@xxxxxxxx instead. In either case, please
retain the beginning of the Subject line to allow automated sorting.


--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call


