Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

Tue, 12 Dec 2023 01:14:16 -0800 

Off-list: Funny that you should mention nuclear power plants, at least one of 
the systems I'm thinking of is used in nuclear power control.  Those things are 
remarkably resilient, including in at least one case having the facility 
overrun by an invading army.  They looted all the standard PCs but didn't know 
what the controllers were, once the facility was liberated they reconnected the 
controllers and they resumed operation as if nothing had happened (they have 
internal power sources so kept running despite external power being cut).  
They're between 20 and 25 years old, and I haven't seen any plans to retire 
them.

Peter.



________________________________________
From: TLS <tls-boun...@ietf.org> on behalf of Viktor Dukhovni 
<ietf-d...@dukhovni.org>
Sent: Tuesday, 12 December 2023 17:49
To: TLS@ietf.org
Subject: Re: [TLS] Adoption call for 'TLS 1.2 Feature Freeze'

On Mon, Dec 11, 2023 at 07:51:13PM -0800, Rob Sayre wrote:

> > Absolutely clear.  I work with stuff with 20-30 year deployment and
> > life cycles.  I'm fairly certain TLS 1.2 will still be around when
> > the WebTLS world is debating the merits of TLS 1.64 vs. TLS 1.65.
>
> I have to say, I am skeptical of this claim. The reason being that you
> don't really want 20 year old computers connected directly to local
> ethernet without a bridge.

Did Peter say anything about (general purpose) computers or connections
to the "local ethernet" (or Internet)?  Suppose you have a control
system for a ship, an factory floor, or a nuclear power plant.

How often would one want to perform major software updates that
substantially change aspects of the system design?  What is the expected
lifetime of such systems?

Since Peter has been addressing market needs in that space for some
decades, I'd be inclined to take him at his word...

Again, it may well be that he does not have a compelling case for
ongoing TLS working-group processes to enhance TLS 1.2, or he may yet.

Peter, is there anything beyond TLS-TLS that you're looking to see work
on?  Is the issue foreclosing on opportunities to do anticipated
necessary work, or is it mostly that the statement that the work can't
happen causing disruption with audits and other bureaucratic issues?

--
    Viktor.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls



_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Reply via email to