[Cryptography] The TLS-LTS draft expires in August 2026

Thu Jun 11 10:35:44 EDT 2026

Salz, Rich via cryptography <cryptography at metzdowd.com> writes:

>The only way to move this forward within the IETF is to publish it as an
>individual RFC. I believe the editor of that series is willing to do so. I
>don’t know Peter’s views on this, and I would not blame him for just not
>caring about IETF publication any more.

There's a bit of a backstory to this one (I'm the author of the draft), I've
been travelling for work so this response is a bit delayed:

- I first posted it in 2016, and was asked to delay publication as an RFC
  until TLS 1.3 was finished, so as not to interfere with the 1.3 process.

- After waiting some years for TLS 1.3 as requested, I proposed it again, and
  it was shut down with the excuse "we've got TLS 1.3 now, we can't have -lts".
  An IETF person then suggested I submit it to the independent submissions
  stream, which I also did as requested.

- The very same person then blocked it when I submitted it there based on a
  series of made-up-on-the-spot hurdles which, if applied to other RFCs, would
  probably have prevented about half the existing TLS RFCs from ever being
  published had they been applied to them.  So "the editor of the series was
  willing to do so", then blocked it once I submitted it.

The next step will be to appeal this, now getting on for ten years, but a more
effective technique that I used to get RFC 8894, SCEP, passed after 20 years
when another IETF person kept raising pointless objections preventing
publication was to note that their term was up in under a year, wait a year,
and then continue the process with the next person in the role, whereupon it
passed without comment.

Peter.