In my view, TLS 1.0 and 1.1 should be MUST NOT. Ideally: 1.3 is MUST and 1.2 is MUST NOT, but I will not be upset if 1.3 is SHOULD and 1.2 is MAY. From what I have seen, the industry is not ready to make 1.2 a DO NOT USE.
Hope this helps. From: Chris Lonvick <lonvick.i...@gmail.com> Date: Sunday, September 11, 2022 at 6:25 PM To: "uta@ietf.org" <Uta@ietf.org> Subject: [Uta] Fwd: I-D Action: draft-ietf-uta-ciphersuites-in-sec-syslog-02.txt Hi, We've submitted an update to this ID for review by the Working Group. Thanks to our reviewers and their suggestions. We've incorporated most of their recommended changes. We would like to ask the WG for consensus regarding the use of TLS 1.2 and 1.3. Obviously, using 1.3 would be optimal. As a counterpoint, there are a lot of old-n-slow syslog devices out there that might not be up to running that, or might not be timely updated to run 1.3. Can we get some comments from the reviewers on this? Thanks, Chris ---------- Forwarded message --------- From: <internet-dra...@ietf.org<mailto:internet-dra...@ietf.org>> Date: Sun, Sep 11, 2022 at 5:57 PM Subject: [Uta] I-D Action: draft-ietf-uta-ciphersuites-in-sec-syslog-02.txt To: <i-d-annou...@ietf.org<mailto:i-d-annou...@ietf.org>> Cc: <uta@ietf.org<mailto:uta@ietf.org>> A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Using TLS in Applications WG of the IETF. Title : Updates to the Cipher Suites in Secure Syslog Authors : Chris Lonvick Sean Turner Joe Salowey Filename : draft-ietf-uta-ciphersuites-in-sec-syslog-02.txt Pages : 8 Date : 2022-09-11 Abstract: The Syslog Working Group published two specifications, namely RFC 5425 and RFC 6012, for securing the Syslog protocol using TLS and DTLS, respectively. This document updates the cipher suites in RFC 5425, Transport Layer Security (TLS) Transport Mapping for Syslog, and RFC 6012, Datagram Transport Layer Security (DTLS) Transport Mapping for Syslog. It also updates the transport protocol in RFC 6012. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-uta-ciphersuites-in-sec-syslog/<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-ietf-uta-ciphersuites-in-sec-syslog/__;!!GjvTz_vk!Tc2yw5XoO7kPCXXXc3UF_xj6jsbLMd8absl-vkWq2ggnrs2dm69MgC2sgKF7_FOU2h-9Pj77ewzXPVs9foU$> There is also an HTML version available at: https://www.ietf.org/archive/id/draft-ietf-uta-ciphersuites-in-sec-syslog-02.html<https://urldefense.com/v3/__https:/www.ietf.org/archive/id/draft-ietf-uta-ciphersuites-in-sec-syslog-02.html__;!!GjvTz_vk!Tc2yw5XoO7kPCXXXc3UF_xj6jsbLMd8absl-vkWq2ggnrs2dm69MgC2sgKF7_FOU2h-9Pj77ewzXT8_3pJI$> A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-uta-ciphersuites-in-sec-syslog-02<https://urldefense.com/v3/__https:/www.ietf.org/rfcdiff?url2=draft-ietf-uta-ciphersuites-in-sec-syslog-02__;!!GjvTz_vk!Tc2yw5XoO7kPCXXXc3UF_xj6jsbLMd8absl-vkWq2ggnrs2dm69MgC2sgKF7_FOU2h-9Pj77ewzX8RURZFY$> Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts _______________________________________________ Uta mailing list Uta@ietf.org<mailto:Uta@ietf.org> https://www.ietf.org/mailman/listinfo/uta<https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/uta__;!!GjvTz_vk!Tc2yw5XoO7kPCXXXc3UF_xj6jsbLMd8absl-vkWq2ggnrs2dm69MgC2sgKF7_FOU2h-9Pj77ewzXTlXvEBA$>
_______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
