Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 12/1/20, 4:29 AM, "Peter Gutmann" <pgut001@xxxxxxxxxxxxxxxxx> wrote:

    Stephen Farrell <stephen.farrell@xxxxxxxxx> writes:

    >That said, if someone had words to suggest that might garner consensus, that
    >would be good.

    I think all it needs is something along the lines of "This BCP applies to TLS
    as used on the public Internet [Not part of the text but meaning the area that
    the IETF creates standards for].  Since TLS has been adopted in a large number
    of areas outside of this, considerations for use in these areas are left to
    relevant standards bodies to define".
 

I think it should be phrased the other way, as in
	There are some environments (e.g., a network which has no connectivity to the public Internet), where this BCP need not apply.

I don't care what the wording is, but I think the right way to approach this is to carve out an exception for those who will be upset by the recommendation.


-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux