Hi,
I think the main problem would be that the handshake is vastly different.
I don’t care which document the deprecation happens in, because I am right.
thanks,
Rob
On Wed, Jul 13, 2022 at 17:20 Peter Saint-Andre <stpeter@xxxxxxxxxx> wrote:
On 7/13/22 3:00 PM, Salz, Rich wrote:
> * It is definitely the "BCP" already--there are good reasons not to
> support TLS 1.2 on a server, and good reasons for clients not to
> connect to a server that negotiates it.
>
> What are they?
Good question.
This document has been through two WGLCs and IETF Last Call, and is now
in IESG review. It seems somewhat late in the process to be making a
controversial change like deprecating TLS 1.2 *in this document* given
that as far as I can see there is no IETF consensus to do so (e.g., such
a consensus could be established by publishing an RFC that declares TLS
1.2 to be obsolete, as RFC 8996 did for TLS 1.0 and TLS 1.1). IMHO we
could take this step whenever we publish rfc7525ter (the document that
obsoletes draft-ietf-uta-rfc7525bis, whenever that happens).
Peter
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
