LS *On Behalf Of *Hannes Tschofenig
> *Sent:* Monday, December 11, 2023 12:06 PM
> *To:* Salz, Rich ; Hannes Tschofenig
> ; Bas Westerbaan 40cloudflare@dmarc.ietf.org>; Deirdre Connolly <
> durumcrustu...@gmail.com>
> *Cc:* TLS@ietf.org
> *Subject:* Re: [TLS] Adoption
”.
-Tim
From: TLS On Behalf Of Hannes Tschofenig
Sent: Monday, December 11, 2023 12:06 PM
To: Salz, Rich ; Hannes Tschofenig
; Bas Westerbaan
; Deirdre Connolly
Cc: TLS@ietf.org
Subject: Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'
Hi Rich,
that is implied by a "fe
:* TLS on behalf of Nimrod Aviram <
> nimrod.avi...@gmail.com>
> *Sent:* Wednesday, December 13, 2023 9:49:55 AM
> *To:* Ilari Liusvaara
> *Cc:* TLS@ietf.org
> *Subject:* Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'
>
> Hi Ilari, thanks for the clarification!
>
Arnaud Taddei writes:
>This is why I asked the question whether there would be volunteers to design
>a ‘survey’ approach.
>
>This could bring data points from the broader community that could help guide
>this particular area of the work.
I don't think the problem is volunteers, it's getting
Watson Ladd writes:
>Why would deploying that change to TLS 1.2 be easier than deploying TLS 1.3?
One is making a (presumably) small tweak to an existing deployed protocol, the
other is deploying an entirely new protocol. They're totally different
things.
(Not to mention additional issues
From: TLS on behalf of Nimrod Aviram
Sent: Wednesday, December 13, 2023 9:49:55 AM
To: Ilari Liusvaara
Cc: TLS@ietf.org
Subject: Re: [TLS] Adoption call for 'TLS 1.2 Feature
Hi Ilari, thanks for the clarification!
I attempted to correct the text.
Would you be willing to review the change? It's here:
https://github.com/richsalz/tls12-frozen/commit/a1ce7ede97897e291af44f0c2f4fc225a2ca4447
thanks,
Nimrod
On Tue, 12 Dec 2023 at 19:22, Ilari Liusvaara
wrote:
> On
2023 at 18:53
To: Rob Sayre , Peter Gutmann
Cc: TLS@ietf.org
Subject: Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'
Peter knows more about long-term embedded systems that use TLS than anyone else
on this list. I trust him. Don’t think of things connected to the public
Internet
On Tue, Dec 12, 2023 at 1:23 AM Peter Gutmann wrote:
>
> Viktor Dukhovni writes:
>
> >Peter, is there anything beyond TLS-TLS that you're looking to see work on?
> >Is the issue foreclosing on opportunities to do anticipated necessary work,
> >or is it mostly that the statement that the work
Peter knows more about long-term embedded systems that use TLS than anyone else
on this list. I trust him. Don’t think of things connected to the public
Internet, but rather things like client-auth missile launching systems, seismic
(nuclear) monitoring equipment, and the like. Stuff that you
On Tue, Dec 12, 2023 at 1:09 AM Peter Gutmann
wrote:
> are
> you saying you don't believe that there are systems out there deployed and
> used with multi-decade life cycles?
I believe that--but these are so old that the other parts are starting to
become a problem. In my case, the ethernet
On Fri, Dec 08, 2023 at 05:47:01PM +, Salz, Rich wrote:
>
> Good point. https://github.com/richsalz/tls12-frozen/pull/12 has the
> change. I’ll wait until/if this is adopted by the WG to merge it.
Reading through the document, I noticed the following:
"To securely deploy TLS 1.2, either
Hi Peter,
with or without "freeze", I guess it will be not too easy to get enough
interest for required discussions and reviews to change or fix TLS 1.2.
On the other side, if there is enough interest for a special future 1.2
topic, I also don't get it, why that should be blocked with an
Loganaden Velvindron writes:
>I'm curious. Are those embedded devices or IoT type of appliances where the
>firmware has a TLS library that will never be updated?
Typically, yes. Many devices don't support remote firmware update, or need
physical access to do it so it's never done, or will be
Viktor Dukhovni writes:
>Peter, is there anything beyond TLS-TLS that you're looking to see work on?
>Is the issue foreclosing on opportunities to do anticipated necessary work,
>or is it mostly that the statement that the work can't happen causing
>disruption with audits and other bureaucratic
a Javascript app...
Ciao
Hannes
-Original Message-
From: TLS On Behalf Of Loganaden Velvindron
Sent: Tuesday, 12 December 2023 06:17
To: Peter Gutmann
Cc: tls@ietf.org
Subject: Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'
Peter,
I'm curious. Are those embedded devices or IoT type o
haven't seen any plans to retire
them.
Peter.
From: TLS on behalf of Viktor Dukhovni
Sent: Tuesday, 12 December 2023 17:49
To: TLS@ietf.org
Subject: Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'
On Mon, Dec 11, 2023 at 07:51:13PM -0800, Rob Sayre
Rob Sayre writes:
>>On Mon, Dec 11, 2023 at 5:30 PM Peter Gutmann
>>wrote:
>>
>>Absolutely clear. I work with stuff with 20-30 year deployment and life
>>cycles. I'm fairly certain TLS 1.2 will still be around when the WebTLS
>>world is debating the merits of TLS 1.64 vs. TLS 1.65.
>
>I have
Peter,
I'm curious. Are those embedded devices or IoT type of appliances
where the firmware has a TLS
library that will never be updated?
On Tue, 12 Dec 2023 at 05:30, Peter Gutmann wrote:
>
> Rob Sayre writes:
>
> >>Given that TLS 1.2 will be around for quite some time
> >Not clear.
>
>
On Mon, Dec 11, 2023 at 07:51:13PM -0800, Rob Sayre wrote:
> > Absolutely clear. I work with stuff with 20-30 year deployment and
> > life cycles. I'm fairly certain TLS 1.2 will still be around when
> > the WebTLS world is debating the merits of TLS 1.64 vs. TLS 1.65.
>
> I have to say, I am
Rob Sayre writes:
>>Given that TLS 1.2 will be around for quite some time
>Not clear.
Absolutely clear. I work with stuff with 20-30 year deployment and life
cycles. I'm fairly certain TLS 1.2 will still be around when the WebTLS world
is debating the merits of TLS 1.64 vs. TLS 1.65.
(This
Watson Ladd writes:
>How does a feature freeze make it impossible to keep supporting TLS 1.2 as
>is?
Because if there's some tweak required for some reason (I don't know what that
could be since I can't predict the future) the draft seems to prohibit it.
Peter.
On Mon, Dec 11, 2023 at 5:15 PM Peter Gutmann wrote:
>
> In all the rush to jump on the bandwagon, no-one has yet answered the question
> I posed earlier: For anyone who's already moved to TLS 1.3 the draft is
> irrelevant, and for people who have to keep supporting TLS 1.2 gear more or
> less
In all the rush to jump on the bandwagon, no-one has yet answered the question
I posed earlier: For anyone who's already moved to TLS 1.3 the draft is
irrelevant, and for people who have to keep supporting TLS 1.2 gear more or
less indefinitely it makes their job hard if not impossible. So what's
On Mon, Dec 11, 2023 at 06:38:05PM -0500, David Benjamin wrote:
> Protocol changes generally require both client and server changes to take
> effect. Pre-existing deployments, by simply pre-existing, will not have
> those changes. If we add, say, post-quantum options for TLS 1.2, it will
>
I don't think that quite captures the tradeoffs. Sure, TLS 1.2 will be
around for quite some time, but that *does not mean it is worth adding new
features to TLS 1.2*. Those two statements are not directly related.
Protocol changes generally require both client and server changes to take
effect.
On Mon, Dec 11, 2023 at 02:40:41PM -0800, Rob Sayre wrote:
> > Given that TLS 1.2 will be around for quite some time
>
> Not clear.
As a data point, I've had no luck so far with encouraging the email
operators of domain-registry.bg to upgrade their primary MX from TLS 1.0
to at least TLS 1.2.
Viktor Dukhovni wrote:
> For what it is worth, my agenda/perspective has never been to weaken
> encryption.
Right, I wrote that your message was not something that advocated weakened
encryption.
> Given that TLS 1.2 will be around for quite some time
Not clear.
> Whatever else we do, we should
On Mon, Dec 11, 2023 at 12:32:36PM -0800, Rob Sayre wrote:
> PS - I have to say, not in this message, but sometimes it seems like the
> goal of TLS 1.2 advocates is weaker encryption. So, for them, the flaws in
> TLS 1.2 that the draft describes are desirable. If that's the case,
> participants
Viktor Dukhovni wrote:
> I do however wonder why this requires a draft formalising the stance?
> [...]
> Is the draft actually necessary?
It is a good way to avoid continually discussing the matter. So, yes, it
will save time: by documenting IETF consensus.
thanks,
Rob
PS - I have to say, not
On Wed, Dec 06, 2023 at 12:33:52AM -0500, Deirdre Connolly wrote:
> At the TLS meeting at IETF 118 there was significant support for the draft
> 'TLS 1.2 is in Feature Freeze' (
> https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/) This call
> is to confirm this on the list. Please
Ditto +1 to Rich
From: TLS on behalf of Bas Westerbaan
Date: Monday, 11 December 2023 at 18:21
To: Salz, Rich
Cc: Hannes Tschofenig ,
TLS@ietf.org
Subject: Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'
The draft itself is an exercise in clear communication, and mentioning PQC
The draft itself is an exercise in clear communication, and mentioning PQC
explicitly fits with that. Thus I agree with Rich to keep it.
Best,
Bas
On Mon, Dec 11, 2023 at 6:18 PM Salz, Rich wrote:
>
>- that is implied by a "feature freeze". No reason to highlight PQC
>(even though
* that is implied by a "feature freeze". No reason to highlight PQC (even
though it is a hype topic right now).
Yes, to both of these. But I still think it should be explicitly called out.
If the WG thinks otherwise, then fine, the document is that much shorter :)
On Tue, Dec 5, 2023, 9:34 PM Deirdre Connolly
wrote:
> At the TLS meeting at IETF 118 there was significant support for the draft
> 'TLS 1.2 is in Feature Freeze' (
> https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/) This
> call is to confirm this on the list. Please indicate if
Hi Rich,
that is implied by a "feature freeze". No reason to highlight PQC (even
though it is a hype topic right now).
Ciao
Hannes
On 11.12.2023 at 17:18, Salz, Rich wrote:
* I consider Section 3 "Implications for post-quantum cryptography"
misplaced. I suggest to delete the
* I consider Section 3 "Implications for post-quantum cryptography"
misplaced. I suggest to delete the section
* The motivation for the draft is unrelated to developments with PQC.
The point is to explain to people that we are going to need PQ crypto, and it
*will not be a 1.2
I support adoption, and am happy to review.
Best,
Dennis
On 06/12/2023 12:50, Salz, Rich wrote:
At the TLS meeting at IETF 118 there was significant support for the
draft 'TLS 1.2 is in Feature Freeze'
(https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/
I consider Section 3 "Implications for post-quantum cryptography"
misplaced. I suggest to delete the section
The motivation for the draft is unrelated to developments with PQC.
Ciao
Hannes
On 11.12.2023 at 11:59, Bas Westerbaan wrote:
I support adoption, and am happy to review.
Best,
I support adoption, and am happy to review.
Best,
Bas
On Wed, Dec 6, 2023 at 6:34 AM Deirdre Connolly
wrote:
> At the TLS meeting at IETF 118 there was significant support for the draft
> 'TLS 1.2 is in Feature Freeze' (
> https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/) This
* NEW2: ” Cryptographically relevant quantum computers, once available,
will have a huge impact on RSA, FFDH, ECC which are currently used in TLS.”
Good point. https://github.com/richsalz/tls12-frozen/pull/12 has the change.
I’ll wait until/if this is adopted by the WG to merge it.
of Chris Barber
Date: Thursday, 7 December 2023 at 21:41
To: TLS@ietf.org
Subject: Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'
I've reviewed the document and endorse its adoption.
It's not worth spending more time on TLS < 1.3, and the draft can help to
improve TLS 1.3 adopt
I've reviewed the document and endorse its adoption.
It's not worth spending more time on TLS < 1.3, and the draft can help to
improve TLS 1.3 adoption.
It isn't worthwhile to invest additional time in TLS versions earlier than
1.3, and the draft can contribute to enhancing the adoption of TLS
I support adoption.
On Wed, Dec 6, 2023, 09:35 Deirdre Connolly
wrote:
> At the TLS meeting at IETF 118 there was significant support for the draft
> 'TLS 1.2 is in Feature Freeze' (
> https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/) This
> call is to confirm this on the list.
I support adoption.
On Thu, 7 Dec 2023 at 05:55, David Schinazi
wrote:
> I support adoption.
> David
>
> On Wed, Dec 6, 2023 at 4:16 PM Rob Sayre wrote:
>
>> Hi,
>>
>> I support adoption.
>>
>> thanks,
>> Rob
>>
>>
>> On Tue, Dec 5, 2023 at 9:35 PM Deirdre Connolly
>> wrote:
>>
>>> At the TLS
I support adoption.
David
On Wed, Dec 6, 2023 at 4:16 PM Rob Sayre wrote:
> Hi,
>
> I support adoption.
>
> thanks,
> Rob
>
>
> On Tue, Dec 5, 2023 at 9:35 PM Deirdre Connolly
> wrote:
>
>> At the TLS meeting at IETF 118 there was significant support for the
>> draft 'TLS 1.2 is in Feature
Hi,
I support adoption.
thanks,
Rob
On Tue, Dec 5, 2023 at 9:35 PM Deirdre Connolly
wrote:
> At the TLS meeting at IETF 118 there was significant support for the draft
> 'TLS 1.2 is in Feature Freeze' (
> https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/) This
> call is to
I support adoption and am willing to review.
On Tue, Dec 5, 2023 at 10:34 PM Deirdre Connolly
wrote:
> At the TLS meeting at IETF 118 there was significant support for the draft
> 'TLS 1.2 is in Feature Freeze' (
> https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/) This
> call is
of Christopher Patton
Date: Wednesday, 6 December 2023 at 17:03
To: Deirdre Connolly
Cc: TLS@ietf.org
Subject: Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'
I support adoption.
Chris P.
On Tue, Dec 5, 2023 at 9:34 PM Deirdre Connolly
wrote:
At the TLS m
I support adoption.
Chris P.
On Tue, Dec 5, 2023 at 9:34 PM Deirdre Connolly
wrote:
> At the TLS meeting at IETF 118 there was significant support for the draft
> 'TLS 1.2 is in Feature Freeze' (
> https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/) This
> call is to confirm this
of Sean Turner
Date: Wednesday, 6 December 2023 at 14:56
To: Stephen Farrell
Cc: TLS List
Subject: Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'
> On Dec 6, 2023, at 07:57, Stephen Farrell wrote:
>
> Signed PGP part
>
>
> On 06/12/2023 05:33, Deirdre Connolly wrote:
>
I support adoption and am willing to review.
On Wed, Dec 6, 2023 at 12:34 AM Deirdre Connolly
wrote:
> At the TLS meeting at IETF 118 there was significant support for the draft
> 'TLS 1.2 is in Feature Freeze' (
> https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/) This
> call is
> As the co-author, I support this and am willing to continue working on it
> as needed.
Same here.
On Wed, 6 Dec 2023 at 14:51, Salz, Rich
wrote:
> At the TLS meeting at IETF 118 there was significant support for the draft
> 'TLS 1.2 is in Feature Freeze' (
>
> On Dec 6, 2023, at 07:57, Stephen Farrell wrote:
>
> Signed PGP part
>
>
> On 06/12/2023 05:33, Deirdre Connolly wrote:
>> At the TLS meeting at IETF 118 there was significant support for the draft
>> 'TLS 1.2 is in Feature Freeze' (
>>
Deirdre Connolly writes:
>At the TLS meeting at IETF 118 there was significant support for the draft
>'TLS 1.2 is in Feature Freeze' (
>https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/) This call is
>to confirm this on the list. Please indicate if you support the adoption of
I support adoption of this draft.
On Wed, Dec 6, 2023 at 6:34 AM Deirdre Connolly
wrote:
> At the TLS meeting at IETF 118 there was significant support for the draft
> 'TLS 1.2 is in Feature Freeze' (
> https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/) This
> call is to confirm
Am comfortable too
From: TLS on behalf of Salz, Rich
Date: Wednesday, 6 December 2023 at 13:50
To: Deirdre Connolly , TLS@ietf.org
Subject: Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'
At the TLS meeting at IETF 118 there was significant support for the draft 'TLS
1.2 is in Feature
On 06/12/2023 05:33, Deirdre Connolly wrote:
At the TLS meeting at IETF 118 there was significant support for the draft
'TLS 1.2 is in Feature Freeze' (
https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/) This call
is to confirm this on the list. Please indicate if you support
At the TLS meeting at IETF 118 there was significant support for the draft 'TLS
1.2 is in Feature Freeze'
At the TLS meeting at IETF 118 there was significant support for the draft
'TLS 1.2 is in Feature Freeze' (
https://datatracker.ietf.org/doc/draft-rsalz-tls-tls12-frozen/) This call
is to confirm this on the list. Please indicate if you support the
adoption of this draft and are willing to