Hi Rich, Thank you for responding to all of our questions! We have updated the document accordingly. We’ll wait for Paul (AD) to comment on question #1 about the BCP number assignment.
We also have a followup question. We see two similar sentences in the Introduction that mention the updates relationship with RFC 9325. Would you like to make some changes here, or do you prefer to leave the text as is? Current (from first and third paragraphs of Introduction): This document updates [RFC9325] as described in Section 5. ... This document updates [RFC9325]. It discusses post-quantum cryptography and the security and privacy improvements in TLS 1.3 as a rationale for the update. Perhaps (remove sentence in first paragraph and update the sentence in the third paragraph as follows): This document updates [RFC9325]. It discusses post-quantum cryptography and the security and privacy improvements in TLS 1.3 as the rationale for the update. See Section 5. — FILES (please refresh) — Updated XML file: https://www.rfc-editor.org/authors/rfc9852.xml Updated output files: https://www.rfc-editor.org/authors/rfc9852.txt https://www.rfc-editor.org/authors/rfc9852.pdf https://www.rfc-editor.org/authors/rfc9852.html Diff files showing all changes made during AUTH48: https://www.rfc-editor.org/authors/rfc9852-auth48diff.html https://www.rfc-editor.org/authors/rfc9852-auth48rfcdiff.html (side by side) Diff files showing all changes: https://www.rfc-editor.org/authors/rfc9852-diff.html https://www.rfc-editor.org/authors/rfc9852-rfcdiff.html (side by side) For the AUTH48 status of this document, please see: https://www.rfc-editor.org/auth48/rfc9852 Best regards, Rebecca VanRheenen RFC Production Center > On Jan 6, 2026, at 11:31 AM, Salz, Rich <[email protected]> > wrote: > > Basically all the suggestions (with, I think, three comments below). > > Let me know if any of this is not clear. > > Thank you! > > • 1) <!-- [rfced] Authors and *AD - We have marked this document as part > of > • BCP 195 because it updates RFC 9325, which is part of BCP 195. > > Fine with me, assuming the AD concurs. > > • 2) <!-- [rfced] FYI - We have updated the abbreviated title as follows. > • New Protocols Using TLS Must Require TLS 1.3 > > Fine. > > • 3) <!-- [rfced] Abstract: How may we update "over TLS 1.2" to improve > clarity? > > Fine. > > • 4) <!-- [rfced] Introduction: May we update "fixed weaknesses in TLS > 1.2" as > • follows to match the sentence in the abstract? > > Fine. > > • 5) <!-- [rfced] Both of the sentences below are from the Introduction. > Would it > • be helpful to remove the text about TLS 1.3 being widespread from the > • first sentence below since it is also mentioned in the second sentence? > > Sure. > > • In addition, should "must require and assume its existence" be updated > to > • just "must require"? > > The original sense of what we were going for is “should assume TLS 1.3 is > available and therefore must require its use.” If you prefer using “must > require” that is okay. > > • 6) <!-- [rfced] Section 3: Is "For TLS" needed at the beginning of this > sentence? > • Also, will readers understand what "these efforts" refers to? > > The “For TLS” can be removed. For “these efforts within the TLS WG” perhaps > “the TLS WG is focusing its efforts on TLS 1.3 or later” ? "These efforts" > is really the efforts of the WG so maybe “their efforts” if you prefer. > > • 7) <!-- [rfced] Section 4: Will readers know what "this" refers to here? > • Perhaps: > • If the application is using a TLS implementation that supports TLS > • version negotiation > • and if it knows that the TLS implementation will use the highest > • version supported, then clients SHOULD specify just the minimum > • version they want. > > Fine. > > • 8) <!-- [rfced] Section 5: Would it be helpful to revise these > sentences as > • follows to enhance readability? > > Fine. > > • 9) <!-- [rfced] Section 6: How may we revise the text starting with > "that > • allows…"? > > Fine. > > • 10) <!-- [rfced] Section 6: Please review the following suggestions and > let us > • know if the updates make the text more clear. > > Suggestion “a)” is fine. > For suggestion “b)” a minor edit: “most of the handshake messages are not” > should be “most of the content of the handshake messages is not” > > • 11) <!-- [rfced] Section 6: Both of the following sentences appear in > the same > • paragraph. Would it be helpful to update to reduce redundancy? > > Fine. > > • 12) <!-- [rfced] FYI - We updated the date for this reference from > "August 2024" to > • "June 2025" to match the updated date provided at the URL. > > Fine. > > • 13) <!-- [rfced] The URL in the following reference entry appears to be > broken. > • We were able to find an archived version from the Wayback Machine and > > Fine. > > > • 14) <!-- [rfced] FYI - We have added an expansion for the following > abbreviation > • per Section 3.6 of RFC 7322 ("RFC Style Guide"). Please review carefully > • to ensure correctness. > • Cipher Block Chaining (CBC) > > That’s correct. > > • 15) <!-- [rfced] Please review the "Inclusive Language" portion of the > online > > Did not find anything to change. > -- auth48archive mailing list -- [email protected] To unsubscribe send an email to [email protected]
