Re: Updating the rules?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



No one had any concern with the version of TLS that was selected by the working group. However, there were two things that cause me to want a change. I'll let others provide their own point of view.

1) History has shown that TLS implementations do a very good job handling backward compatibility. As a result, there has been a smooth transition from SSL 3.0 to TLS 1.0, and a similarly smooth transition has begun from TLS 1.0 to TLS 1.1. TLS 1.2 is being developed in the TLS WG right now. I expect the transition to TLS 1.2 to be smooth as well.

2) We do not want to update the standards-track Atom RFC to track TLS developments. The language that was put in the document made it easy for an implementor to use a TLS library and let the version negotiation naturally select the highest version supported by the two peers.

Russ

At 11:03 PM 7/9/2007, Robert Sayre wrote:
I'm also interested in the reasoning behind the IESG's decision to
allow Atompub to avoid requiring a specific TLS version. That
certainly allows for incompatible conformant implementations. I don't
understand why WGs are not permitted to make similar judgments
regarding other security mechanisms--they usually know more about
their market than the IESG does.


_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]