- From: Rodney Thayer <rodney@sabletech.com>
- Date: Thu, 17 Oct 1996 12:12:09 -0400
- To: ietf-tls@w3.org
-----BEGIN PGP SIGNED MESSAGE----- I too agree with this approach, which was proposed as far back as Montreal. In SSL3, we have "rough concensus and running code", if you count the existance of the current implementation and the fact that major interested parties have widespread deployment. It might not be everyone's idea of perfection, but it seems quite acceptable for a "TLS 1.0" iteration. These other discussions can happen for the next generation. I assume that most people would agree that SOMETHING will happen after the first TLS version, since this is not a static technology, therefore presuming the existance of a post-TLS-1.0 standard seems reasonable. >Resent-Date: Wed, 16 Oct 1996 21:28:46 -0400 >Resent-Message-Id: <199610170128.VAA10502@www19.w3.org> >X-Sender: jwkckid1@popd.ix.netcom.com >Date: Wed, 16 Oct 1996 20:03:44 -0500 >To: ietf-tls@w3.org >From: Jeff Williams <jwkckid1@ix.netcom.com> >Subject: Re: Busted TLS Schedule, and a Proposal for Closure >X-List-URL: http://lists.w3.org/Archives/Public/ietf-tls >Resent-From: ietf-tls@w3.org >X-Mailing-List: <ietf-tls@w3.org> archive/latest/388 >X-Loop: ietf-tls@w3.org >Sender: ietf-tls-request@w3.org >Resent-Sender: ietf-tls-request@w3.org > >At 03:44 PM 10/16/96 -0700, you wrote: >>Christopher Allen wrote: >>> >>> As I recall there were only two technical proposals on the table in >>> August and September (both of which I think were late), Netscape's >>> authority attributes, and Microsoft's secret key authentication. I >>> have not seen on this list sufficient consensus to move forward on >>> either of them. >>> >>> I would like to suggest to Win Treese, the TLS-WG chairman, that we >>> table the two proposals for now, and settle on moving SSL 3.0 into TLS >>> 1.0 *as is*, however, with some clarifications to the spec. >>> >>> I would like to see that early in November a small group of engineers >>> who have actually *implemented* SSL 3.0 get together with the current >>> SSL 3.0 authors to clarify the spec. *Not* change the spec, only >>> clarify any ambiguities (we have found in writing SSLRef 3.0, SSL >>> Plus, and an SSL Fortezza implemenation a number of ambiguities, and >>> I'm sure others have as well.) >>> >>> This cleaned up spec would be called TLS 1.0 and published as an >>> internet draft for final comments in time for the December IETF >>> meeting in San Jose. >>> >>> SSL 3.0 is already widely deployed. Both Microsoft and Netscape have >>> it now in their browsers and servers, and many other companies now >>> have SSL 3.0 browsers, web servers, and non-web application under >>> development with SSL 3.0. >>> >>> Thus I believe that is appropriate that the continued revisions of the >>> SSL 3.0 standard move to IETF change control, and it's authors seem >>> willing to allow it to do so. Given this I think SSL 3.0 is an >>> appropriate starting point for IETF and TLS-WG, and that the the >>> TLS-WG should ratify it with the ambiguities cleaned up. >>> >>> From that solid base we can move toward TLS 1.1, which then might >>> include Microsoft's and Netscape's proposals. >> >>I think this is an excellent idea. > > I agree with Tom here. I would add that when seperating the two documents >that mutual refrence to each be included in each. I would also think that >Netscape's > authority attributes, and Microsoft's secret key authentication be included in >a manner that would be inclusive in the final perposal document. > >Reguards, > > >> >>-- >>You should only break rules of style if you can | Tom Weinstein >>coherently explain what you gain by so doing. | tomw@netscape.com >> >> >> >Jeffrey A. Williams >SR.Internet Network Eng. >CEO., IEG., INC., Representing PDS .Ltd. >Web: http://www.pds-link.com >Phone: 214-793-7445 (Direct Line) >Director of Network Eng. and Development IEG. INC. > > > -----BEGIN PGP SIGNATURE----- Version: 4.0 Business Edition iQCVAgUBMmZakcKmlvJNktGxAQGjfwQAuQF7oOE4M+fVGEMrgyozuJEAnnaUT2Fq BSB01t0vkqkesxlnfenVTWx0uv7+o0YiXPqAK0SsaGQMdpBarp9J9wr4qK9gd+O6 xK95y1H4LnxvXKl/cnSPjBN/KApHfzV2irN/XqBGWtKJc5Q6prDnhyaO9yd7XSHX 5KYjsSmtqa8= =eEBf -----END PGP SIGNATURE----- Rodney Thayer <rodney@sabletech.com> +1 617 332 7292 Sable Technology Corp, 246 Walnut St., Newton MA 02160 USA Fax: +1 617 332 7970 http://www.shore.net/~sable "Developers of communications software"
Received on Thursday, 17 October 1996 12:12:17 UTC