Rob Sayre <sayrer@xxxxxxxxx> writes: >Also, in the realm of opinion rather than correctness: mandating TLS 1.2 >support is misguided. Every TLS implementation maintains divided codebases >for 1.2 vs 1.3. On desktop PCs and servers perhaps, but in embedded the very fact that you need two sets of codebases means many systems will stay with 1.2, possibly forever when everything around them is also staying with 1.2. >No one reads the TLS 1.2 code very closely these days, in my experience, so >the BCP would be mandating support for something people don't really work on >anymore. Unless the only codebase you've got is 1.2. However in the same embedded systems you typically do it once, do it right, and skip the neverending flow of bells and whistles that keep appearing, so there's no need to constantly fiddle with the code as for PC/server use. Peter. -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
