On Tue, Jan 02, 2024 at 07:17:44PM -0800, Eric Rescorla wrote:
> On Tue, Jan 2, 2024 at 5:02 PM Rob Sayre <say...@gmail.com> wrote:
>
> It might be better to describe TLS 1.2 as "overtaken by events". If you
> want to use CSS Grid or Swift UI (name any newish thing), you'll find
> yourself with a stack that supports TLS 1.3, so there's no need to
> bother with TLS 1.2 in those cases. Turning off TLS 1.2 is sometimes a
> good idea, because that traffic is composed of undesirable bots in many
> cases.
> I know people also work on things that are old, but it seems ok to call
> them really old, because that is true. No one seems to disagree with
> this point in the draft: "TLS 1.3 [TLS13] is also in widespread use and
> fixes most known deficiencies with TLS 1.2".
> If you think this draft is so strict that it will be ignored, you have
> nothing to worry about.
>
> The issue I am concerned about is that:
> 1. Implementors who do not want to upgrade to TLS 1.3 will implement new
> cipher suites
> 2. IANA will refuse to register the new cipher suites
> With the result being potential code point collisions.

I share this concern.

-Ben

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls