(Even though this sub-thread has no effect on the draft, I couldn't resist:-) On 03/12/2020 23:53, Rob Sayre wrote:
The enterprise perspective is not usually considered or understood at IETFI think that perspective is both considered and understood, but not usually accommodated.
I think you're both wrong:-) It seems wrong to me to assume that there is a singular and united "enterprise perspective" on TLS and that was very clear from earlier debates where some people made one kind of assertion, while others, also correctly saying they represented "enterprises" fully disagreed. There are of course a set of networks that have difficulty in managing and updating the systems that make up their networks. There are others for whom updating TLS is going to be much less of an issue due to the nature of those networks (newer, or more automated/centralised, or whatever). Both situations arise for understandable valid reasons but dealing with the cases where problems do or don't arise isn't helped IMO by over-claiming on any side. And yes, in addition to the above, there are people whose main (and also reasonable) concern is the web, and their concerns and ability to handle updates do differ. And there are others for whom other issues take precedence. None of that means a lack of consideration, nor a lack of accommodation. For things like TLS, where code is often delivered via libraries, the timing of change does sometimes make for awkward compromises, that will make some of the above unhappy, but that's just life and is why the WG chairs and ADs are such well paid consensus callers:-) I think the IETF process works pretty well for all this, overall, and over time. Cheers, S.
Attachment:
OpenPGP_0x5AB2FAF17B172BEA.asc
Description: application/pgp-keys
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
