Re: [TLS] Confirming consensus: TLS1.3->TLS*

Steven Valdez <svaldez@chromium.org> Sat, 19 November 2016 16:40 UTC

Return-Path: <svaldez@chromium.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2133912961B for <tls@ietfa.amsl.com>; Sat, 19 Nov 2016 08:40:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.2
X-Spam-Level:
X-Spam-Status: No, score=-2.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=chromium.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8fD7ktwsjO4t for <tls@ietfa.amsl.com>; Sat, 19 Nov 2016 08:39:58 -0800 (PST)
Received: from mail-oi0-x22a.google.com (mail-oi0-x22a.google.com [IPv6:2607:f8b0:4003:c06::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E7A791295AB for <tls@ietf.org>; Sat, 19 Nov 2016 08:39:57 -0800 (PST)
Received: by mail-oi0-x22a.google.com with SMTP id v84so120176667oie.3 for <tls@ietf.org>; Sat, 19 Nov 2016 08:39:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=SM68pD/tKXEOOFMKxW6440GOgdyXNlEKSnBjK6S1Gsw=; b=MsOfenBa5OlF1FjSLtQL1+8Jmwf3xTaqRiOeyS1hQabn6aSU9HiCK2MgrBZTZK51ZT vOfSQlfmandRKyYyH93143a9gp4jpSp7w0b6xVkuqcz1VG5bCKYw2pm5l6rNlHJqiaVF gsIrW2wrSetUK7PEN6hMlB8n6pwvDct9k2jd4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=SM68pD/tKXEOOFMKxW6440GOgdyXNlEKSnBjK6S1Gsw=; b=euZSiXJJKmGpxTlaaroHyh5pMqe2JOSN8zX3cF29z5NzEl+d3Bw4pTiHqFk2iKajwe XTcI7Ibld7jbyQVruBiGZ2cx4PVsVA/dxjFZQRsQCnsfr9B7RvE0JW+1DJ+PHmTjPJs3 lf/qd9C32IDUf6IUVFoihoPA/DKKtvFgWxbRHZO7BM7k6xsepT864nPoz0F1N2GaadoB fHp+ABpynkExkGf11NbFTv16jZImb7yYRTZvA6HU8fbo2MR6eh5IYmdneOWa3G2zvxNo 7hAAXPSepMlFvSlNyicWaHiA4yg04gwg5CnDXjrpBxusKHu4b9loEC6eT+C/pPdSqxoT dvBQ==
X-Gm-Message-State: AKaTC02Mqf7k7dpJHR99Pv/rJEftjat3bSaj8Jg0n8600IT0gFlYuPXDD7b98bHZyoHap7MW
X-Received: by 10.157.47.250 with SMTP id b55mr3652556otd.236.1479573597101; Sat, 19 Nov 2016 08:39:57 -0800 (PST)
Received: from mail-oi0-f45.google.com (mail-oi0-f45.google.com. [209.85.218.45]) by smtp.gmail.com with ESMTPSA id s130sm4243911oif.3.2016.11.19.08.39.56 for <tls@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 19 Nov 2016 08:39:56 -0800 (PST)
Received: by mail-oi0-f45.google.com with SMTP id z62so120214785oiz.1 for <tls@ietf.org>; Sat, 19 Nov 2016 08:39:56 -0800 (PST)
X-Received: by 10.202.114.129 with SMTP id p123mr3433176oic.132.1479573596163; Sat, 19 Nov 2016 08:39:56 -0800 (PST)
MIME-Version: 1.0
References: <CF83FAD0-B337-4F9E-A80B-2BAA6826BF41@sn3rd.com> <CAH8yC8=UHmjvvDxg=NGPbj0W6Ni09TaGJZ-B=pV8zaVESDmkEA@mail.gmail.com> <CAN40gSvuzFSvYt6EzLVbXc0BrrxfCK4R97Bh8JxxM-xJydczBA@mail.gmail.com>
In-Reply-To: <CAN40gSvuzFSvYt6EzLVbXc0BrrxfCK4R97Bh8JxxM-xJydczBA@mail.gmail.com>
From: Steven Valdez <svaldez@chromium.org>
Date: Sat, 19 Nov 2016 16:39:45 +0000
X-Gmail-Original-Message-ID: <CANduzxCT_QWS3B5nW6fPMbaqc7DEL87fe_YfO11ZsMejuxN8-Q@mail.gmail.com>
Message-ID: <CANduzxCT_QWS3B5nW6fPMbaqc7DEL87fe_YfO11ZsMejuxN8-Q@mail.gmail.com>
To: Ira McDonald <blueroofmusic@gmail.com>, noloader@gmail.com
Content-Type: multipart/alternative; boundary=001a1134e0e89e8d110541aa1285
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/-aBrZZmDusjAb27BEf0zkm02hDk>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Confirming consensus: TLS1.3->TLS*
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 19 Nov 2016 16:40:00 -0000

Maintaining my hum from the meeting, I prefer keeping TLS 1.3 over
renaming, primarily because there's now a good amount of
documentation/implementation in the wild that refers to TLS 1.3, and we'll
need to keep around the new equivalence of TLS 2 (or 4)=TLS 1.3.


On Sat, Nov 19, 2016, 8:31 AM Ira McDonald <blueroofmusic@gmail.com>; wrote:

> Hi,
>
> I think that the presumption that most tech people (or even security
> people)
> won't have any trouble with the future version numbering of TLS is wrong.
>
> Yesterday morning, on an SAE Vehicle Electrical Systems Security call with
> some 40 auto security professionals present, I mentioned that TLS 1.3 was
> wrapping up and was asked "What's TLS?"  Usual explanation about SSL
> being succeeded by IETF TLS 17 years ago.  Several responses that were
> the equivalent of blank stares.  And finally, "Then why is the library
> still
> called OpenSSL?"
>
> Rich has highlighted that the tech community goes right on conflating SSL
> with TLS on web sites.
>
> I change my two cents to "TLS 4" but am unsure about "4" or "4.0" because
> the tech community has been trained to care about major.minor.
>
> Cheers,
> - Ira
>
>
> Ira McDonald (Musician / Software Architect)
> Co-Chair - TCG Trusted Mobility Solutions WG
> Chair - Linux Foundation Open Printing WG
> Secretary - IEEE-ISTO Printer Working Group
> Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
> IETF Designated Expert - IPP & Printer MIB
> Blue Roof Music / High North Inc
> http://sites.google.com/site/blueroofmusic
> http://sites.google.com/site/highnorthinc
> mailto: blueroofmusic@gmail.com
> Jan-April: 579 Park Place  Saline, MI  48176  734-944-0094
> May-Dec: PO Box 221  Grand Marais, MI 49839  906-494-2434
>
>
> On Sat, Nov 19, 2016 at 6:32 AM, Jeffrey Walton <noloader@gmail.com>;
> wrote:
>
> On Thu, Nov 17, 2016 at 9:12 PM, Sean Turner <sean@sn3rd.com>; wrote:
> > At IETF 97, the chairs lead a discussion to resolve whether the WG
> should rebrand TLS1.3 to something else.  Slides can be found @
> https://www.ietf.org/proceedings/97/slides/slides-97-tls-rebranding-aka-pr612-01.pdf
> .
> >
> > The consensus in the room was to leave it as is, i.e., TLS1.3, and to
> not rebrand it to TLS 2.0, TLS 2, or TLS 4.  We need to confirm this
> decision on the list so please let the list know your top choice between:
> >
> > - Leave it TLS 1.3
> > - Rebrand TLS 2.0
> > - Rebrand TLS 2
> > - Rebrand TLS 4
> >
> > by 2 December 2016.
>
> Please forgive my ignorance...
>
> Who are you targeting for the versioning scheme? Regular users? Mom
> and pop shops with a web presence? Tech guys and gals? Security folks?
>
> For most tech people and security folks, I don't think it matters
> much. However, how many regular users would have clung to SSLv3 and
> TLS 1.0 (given TLS 1.2 was available) if they were named SSL 1995 and
> TLS 1999 (given TLS 2008 or TLS 2010 was available)?
>
> (Sorry to violate the Hum restriction).
>
> Jeff
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>