Hiya, On 01/12/2020 00:29, Peter Gutmann wrote:
However I think your comment points out the overall problem: usage in web, mail and OSes This means there's no consideration at all of use in embedded/SCADA/whatever.
I wouldn't agree with "no consideration" but guess we might agree about a lack of data. In particular, mail servers within enterprises were an explicit consideration but one where the consensus I think ended up pretty clear to be to deprecate despite at that time ongoing non-trivial usage of old versions. That said, if someone had words to suggest that might garner consensus, that would be good. I earlier said I'd try craft such, and will, but maybe better to start that with text from someone who works with these deliberately update-averse devices. (My guess as of now, is that would need to try describe cases where our "MUST NOT" is really an rfc6919 "MUST NOT (but we know you will)" rather than an attempt to characterise all the situations where the "MUST NOT" is clearly correct.) Cheers, S. PS: I think the earlier discussion referred to above answers Keith's point about mail servers, if one looks back over it. (That's from memory though, me not actually having gone back and looked over it again... yet;-)
Attachment:
OpenPGP_0x5AB2FAF17B172BEA.asc
Description: application/pgp-keys
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
