[Last-Call] Re: [Uta] Concern about draft-ietf-uta-require-tls13-10 with IoT protocols

On Wed, Apr 9, 2025 at 7:35 PM Toerless Eckert <tte@xxxxxxxxx> wrote:
> On Tue, Apr 08, 2025 at 11:23:44AM -0700, Eric Rescorla wrote:
> > I don't agree that this change is indicated. TLS 1.3 is far more widespread
> > than just in browsers. It's been in major libraries for years and is
> > supported in the Windows, MacOS, iOS, and Android stacks. This is not to say that
> > there aren't environments which don't support TLS 1.3, but it's far more
> > than just browsers.
>
> Just because recent versions of major non-constrained device OS's have TLS 1.3
> does not mean that those versions of the OS are or can be reasonably used in
> a lot of "embedded" environments where those types of OS are used.

Perhaps not, but that's not what I am saying. Rather, the point I am making is that
your proposed text limiting this to *browsers* is far too narrow and the original
text that says TLS 1.3 is widely deployed is in fact correct. "Widely" is not the
same as "universally".

> The reason is again
> the really long time lines and cost of upgrading OS's. For another fun example,
> I think some tram systems used Windows CE 3.11 until after 2015 and since then have
> adopted something that sounded like Windows CE XP level.

I'm aware that many embedded systems run very old software. But the relevant
question is whether there are systems which (1) cannot deploy TLS 1.3 and
(2) are going to deploy entirely new protocols.

> > As Alan observes, we are talking about levies on new protocols, not
> > existing protocols. These should be deployed with TLS 1.3 for the reasons
> > indicated in this draft.
>
> That restatement does not address the concerns I already raised.

I'm not really persuaded of the force of those concerns.

 -Ekr