On 11/30/20 7:29 PM, Peter Gutmann wrote:
> So I think the text should include wording to the effect that it applies to public Internet use but not to embedded/SCADA/etc for which very different considerations apply.
I've been thinking something like this also. But IMO there are still valid cases for negotiating older versions of TLS on the public Internet, such as the mail relaying case mentioned earlier. So far I haven't thought of a reason where either (a) bouncing an email message; (b) resending it in cleartext; or (c) discarding it, is better than relaying with TLS 1.0 or 1.1. (Though maybe there aren't enough MTAs that do opportunistic TLS using version <= 1.1 to matter.)
More generally, the right remedial behavior for an application with e2e connectivity and an interactive UI that can't do better than TLS 1.1 isn't necessarily the right behavior for all applications.
So maybe two restrictions on scope? (1) public Internet; (2) e2e and interactive application?
But it's important to understand that protocols and protocol implementations that are used on the public Internet are also used on isolated and mostly-isolated networks.
Given that this is BCP and not standards-track, maybe it should just be made clear that an implementation that does support 1.0 or 1.1 isn't necessarily violating the standard; it's just discouraged as a practice.
Keith

--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
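The mail-relay trade-off Keith describes, as an added illustration that is not part of the thread: a small model of an MTA's outbound TLS policy (the `Policy`, `negotiate` and `Outcome` names are assumptions, not any real MTA's configuration) showing how a minimum-version setting combined with opportunistic TLS turns a legacy-only peer into cleartext delivery (option b), while a mandatory-TLS setting turns it into a deferral or bounce (options a/c), and only a lower floor yields relay over TLS 1.0/1.1.

```python
"""Model of outbound SMTP TLS policy decisions (constructed example, not real MTA code)."""
from dataclasses import dataclass
from enum import Enum
from typing import Dict, Optional, Set, Tuple


class Outcome(Enum):
    RELAY_TLS = "relay over TLS"          # message protected in transit
    RELAY_CLEARTEXT = "relay in cleartext"  # Keith's option (b)
    DEFER_OR_BOUNCE = "defer or bounce"   # Keith's options (a)/(c)


# Protocol versions from strongest to weakest; the policy floor is an index into this list.
TLS_ORDER = ["TLSv1.3", "TLSv1.2", "TLSv1.1", "TLSv1.0"]


@dataclass(frozen=True)
class Policy:
    min_version: str      # lowest version this MTA is willing to negotiate
    opportunistic: bool   # True: fall back to cleartext if TLS fails; False: TLS is mandatory


def negotiate(policy: Policy, peer_versions: Set[str]) -> Tuple[Outcome, Optional[str]]:
    """Return the delivery outcome and the TLS version used, if any.

    The MTA offers every version from the strongest down to its floor and takes the
    strongest one the peer also supports; what happens when none match depends on
    whether TLS was opportunistic or mandatory.
    """
    floor = TLS_ORDER.index(policy.min_version)
    for version in TLS_ORDER[: floor + 1]:
        if version in peer_versions:
            return Outcome.RELAY_TLS, version
    if policy.opportunistic:
        return Outcome.RELAY_CLEARTEXT, None
    return Outcome.DEFER_OR_BOUNCE, None


def compare_policies(peer_versions: Set[str]) -> Dict[str, Outcome]:
    """Outcome for one peer under the three policies discussed in the thread."""
    policies = {
        "floor 1.2, opportunistic": Policy("TLSv1.2", True),
        "floor 1.2, mandatory": Policy("TLSv1.2", False),
        "floor 1.0, opportunistic": Policy("TLSv1.0", True),
    }
    return {name: negotiate(p, peer_versions)[0] for name, p in policies.items()}


if __name__ == "__main__":
    # Constructed sample: a legacy MTA that only speaks TLS 1.0.
    for name, outcome in compare_policies({"TLSv1.0"}).items():
        print(f"{name:28s} -> {outcome.value}")
```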