
Re: Proposed Statement on "HTTPS everywhere for the IETF"

2015-06-03 10:40:34

Hiya,

On 03/06/15 11:47, t.p. wrote:
> ----- Original Message -----
> From: "Jari Arkko" <jari(_dot_)arkko(_at_)piuha(_dot_)net>
> To: "Joe Touch" <touch(_at_)isi(_dot_)edu>
> Cc: "Richard Barnes" <rlb(_at_)ipv(_dot_)sx>; <ietf(_at_)ietf(_dot_)org>
> Sent: Wednesday, June 03, 2015 4:55 AM

> I am not sure the discussion about blocking is relevant. We will change
> defaults, but cleartext is still available.

> <tp>

> I note that the statement makes TLS 1.2 a MUST and earlier versions of
> TLS a SHOULD NOT.

The statement refers to BCP195, which is our very recent IETF
consensus document on generic use of TLS and which says the
above and a bit more about versions. [1] I can't see we would
want to ignore that output from the UTA working group here - if
that BCP really doesn't work for IETF content, then we would
presumably need to get the WG to fix the BCP and not the statement;-)

> In practical terms, what levels of browser will we be required to have
> in order to be able to use TLS 1.2?

I'm not sure to be honest, but for me, up-to-date ff and chromium
(on Linux) are both fine, e.g. when accessing [1] I end up with
TLS1.2 with both of those.

Cheers,
S.

[1] https://tools.ietf.org/html/bcp195#section-3.1.1




> Tom Petch

> Jari


