Re: [Last-Call] Last Call: <draft-ietf-uta-tls-for-email-03.txt> (Use of TLS for Email Submission and Access) to Proposed Standard

FWIW, that looks like a good suggestion to me.

Cheers,
S.

On 16/02/2020 16:25, Julien ÉLIE wrote:
> Hi all,
> 
>> The IESG has received a request from the Using TLS in Applications
>> WG (uta) to consider the following document: - 'Use of TLS for
>> Email Submission and Access' <draft-ietf-uta-tls-for-email-03.txt>
>> as Proposed Standard
>> 
>> The IESG plans to make a decision in the next few weeks, and
>> solicits final comments on this action. Please send substantive
>> comments to the last-call-EgrivxUAwEY@xxxxxxxxxxxxxxxx mailing
>> lists by 2020-01-31.
> 
> Sorry for this late suggestion. Wouldn't it be better to mention that
> RFC 8314 must follow the recommendations in BCP 195? I see that
> [draft-ietf-tls-oldversions-deprecate] will be part of BCP 195, so
> that should do the trick, and avoid unnecessary updates of many RFCs
> whenever TLS recommendations change.
> 
> 
> Especially:
> 
> 1.  Introduction
> 
> [RFC8314] defines the minimum recommended version for TLS as version 
> 1.1.  Due to the deprecation of TLS 1.1 in 
> [I-D.ietf-tls-oldversions-deprecate], this recommendation is no 
> longer valid.  Therefore this document updates [RFC8314] so that the 
> minimum version for TLS is TLS 1.2.
> 
> 
> Suggestion:
> 
> 1.  Introduction
> 
> [RFC8314] defines the minimum recommended version for TLS as version 
> 1.1.  This recommendation is no longer valid as TLS 1.1 suffers from 
> weaknesses described in [BCP195].  Therefore this document updates 
> [RFC8314] so that the minimum version for TLS follows the 
> recommendations of [BCP195], which regularly strengthens in security 
> over the time.
> 
> 
> 
> Incidentally, maybe this new RFC should not be restricted to only
> the protocol version, but all the recommendations in the use of TLS 
> (ciphers, certificate validation...) that are also present in BCP
> 195?
> 


-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
