Hi Peter,

On Thu, Jul 14, 2022 at 03:34:03AM +0000, Peter Gutmann wrote:
> Rob Sayre <sayrer@xxxxxxxxx> writes:
>
> >I don't understand your rationale here, though.
>
> If you've got existing systems with implemented, tested, and in-production TLS
> 1.2 stacks then the motivation to do a completely new TLS stack that does more
> or less the same thing as the old one but requires twice the code space (since
> it'll have to run alongside the old stack) and, usually, a truck roll to
> upgrade each system using it, is minimal if not zero.
>
> Thus there are many systems that will probably stay with 1.2 more or less
> forever.

For what it's worth, this makes sense to me, and I don't know of any clear
technical reasons to say that doing this is a bad idea.

On the other hand, I can't even tell whether, when Rob says "Just publish it.
It’s fine", he's talking about draft-ietf-uta-rfc7525bis-09 as-is or some
hypothetical "MUST NOT use TLS 1.2" statement or something else.

-Ben

--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call