Salz, Rich wrote:
>
>> TLS needs an LTS version that you can just push out and leave to its own
>> devices
>
> So don't you have that with TLS 1.1 and appropriate cipher and option choices?
Actually, you already have that with TLSv1.0 plus the known mitigations.

The only cryptographical improvement of TLSv1.1 over TLSv1.0 can be sufficiently achieved with 1+(n-1) record splitting -- for those few situations where this difference is meaningful at all.

Only web-browsers that will happily execute any attacker supplied active-content plus the abuse of SSL known as SSL-VPNs need the record-splitting mitigation for block-ciphers in TLSv1.0.

-Martin

TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
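As an added illustration (not part of Martin's message or of any TLS implementation), a simplified model of the TLS 1.0 CBC record layer showing what 1/(n-1) splitting changes: with the implicit chained IV, the record carrying application data is encrypted under the previous record's last ciphertext block, which is already visible on the wire, whereas after splitting it is chained off the freshly encrypted 1-byte record. The block-cipher stand-in, the abbreviated MAC input, the keys and the traffic are all constructed assumptions for this demo.

```python
import hashlib
import hmac
import os

BLOCK = 16

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def block_encrypt(key: bytes, block: bytes) -> bytes:
    # Constructed stand-in for the block cipher (AES in a real stack): a keyed,
    # deterministic 16-byte mapping. Only encrypt-side CBC chaining matters here.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(plaintext), BLOCK):
        prev = block_encrypt(key, xor(plaintext[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def tls10_pad(data: bytes) -> bytes:
    # TLS block padding: pad_len + 1 trailing bytes, each equal to pad_len.
    pad_len = (BLOCK - (len(data) + 1) % BLOCK) % BLOCK
    return data + bytes([pad_len]) * (pad_len + 1)

class Tls10Writer:
    """CBC record writer with the TLS 1.0 implicit IV: each record is chained
    off the last ciphertext block of the previous one (MAC input simplified)."""
    def __init__(self, enc_key: bytes, mac_key: bytes, iv: bytes):
        self.enc_key, self.mac_key, self.iv, self.seq = enc_key, mac_key, iv, 0

    def write_record(self, payload: bytes) -> tuple[bytes, bytes]:
        mac = hmac.new(self.mac_key, self.seq.to_bytes(8, "big") + payload, hashlib.sha1).digest()
        iv_used = self.iv
        ct = cbc_encrypt(self.enc_key, iv_used, tls10_pad(payload + mac))
        self.iv, self.seq = ct[-BLOCK:], self.seq + 1   # chain into the next record
        return iv_used, ct

    def write(self, data: bytes, split: bool) -> list[tuple[bytes, bytes]]:
        # 1/(n-1) splitting: a 1-byte record first, then the remaining n-1 bytes.
        if split and len(data) > 1:
            return [self.write_record(data[:1]), self.write_record(data[1:])]
        return [self.write_record(data)]

def bulk_record_iv(split: bool) -> tuple[bytes, bytes]:
    """Return (IV visible on the wire before the write, IV actually used for the
    record that carries the bulk of the application data)."""
    w = Tls10Writer(os.urandom(16), os.urandom(16), os.urandom(16))
    w.write_record(b"earlier application data")      # constructed prior traffic
    known_iv = w.iv                                   # last ciphertext block seen on the wire
    records = w.write(b"GET /?session=SECRET HTTP/1.1\r\n", split)
    return known_iv, records[-1][0]
```

Without splitting the two values are identical, so the cipher input for the first data block is fixed before the data is even encrypted; with splitting the bulk record's IV is the 1-byte record's output, which does not exist until the write happens.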