Rob:
You are right. I forgot about a discussion we had in the NETCONF WG. They do not want to be evolutionary. They decided to continue to require TLS 1.2 for now, but allow TLS 1.3. In the future, an activity (often called nextconf) will shift the MUST to TLS 1.3.
Russ

On Nov 22, 2023, at 4:02 PM, Rob Sayre <sayrer@xxxxxxxxx> wrote:
Rob:
Slight difference here. If you support TLS 1.2, then you need to meet the listed requirements. If you support TLS 1.3, then you need to meet the listed requirements. We are not telling implementers which one to use.
Well, hold on. It says:
"Implementations MUST support TLS 1.2..."
Presumably implementers make implementations. Are you saying /deployments/ can choose not to support TLS 1.2? (same distinction as RFC 9325)
thanks, Rob
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call