Deprecating TLS 1.0 and TLS 1.1
RFC 8996

Note: This ballot was opened for revision 11 and is now closed.

(Deborah Brungard) Yes

(Alissa Cooper) Yes

Roman Danyliw Yes

Comment (2021-01-19 for -11)
Thank you for the effort to comprehensively modernize the TLS guidance.

Thank you to Adam Montville for the SECDIR review.

Martin Duke Yes

Benjamin Kaduk Yes

Comment (2021-01-08 for -11)
The replacement of (e.g.) "TLS 1.0" with "TLSv1.0" affected the quote from the NIST document,
which brings in slightly more divergence from the referenced material.

Erik Kline Yes

Murray Kucherawy Yes

Warren Kumari Yes

(Barry Leiba) Yes

Comment (2021-01-19 for -11)
I think this is the first time I’ve reviewed a document where the “References” section is longer than the rest of the document combined.

Just a couple of nits:

— Section 1.1 —

   Fallback to these versions are prohibited
   through this update.

Fallback “is” prohibited (not “are”).

— Section 6 —

   This documents updates [RFC7525] Section 3.1.1

“document”, singular.

Éric Vyncke Yes

Comment (2021-01-19 for -11)
Thank you for the work put into this document. 

Special thanks to the shepherd, Sean Turner, who did a great job to describe the WG consensus. Rob Wilton's point about minimum version is also important and should be addressed in the abstract (even if the text is clearer in section 1).

Please find below some nits.

I hope that this helps to improve the document,



-- Abstract --
"This document, if approved, formally deprecates Transport Layer" => should ", if approved," be removed now from the abstract? The RFC Editor will probably do it though.

-- Section 1 --
"deprecate these old versions." Should "these old versions" be followed by the enumeration?

Alvaro Retana No Objection

Martin Vigoureux No Objection

Robert Wilton No Objection

Comment (2021-01-12 for -11)
Thank you for purging the old versions of TLS.

There is one sentence in the abstract that I found surprising (if it is right).

The abstract states: "TLSv1.2 has been the
   recommended version for IETF protocols since 2008, providing
   sufficient time to transition away from older versions."

Should this be "minimum recommended version"?  Otherwise, I don't understand why the recommended version of TLS is 1.2 rather than 1.3 (given that the TLS 1.2 RFC is marked as obsolete).