Re: [TLS] TLS 1.3 -> TLS 2.0?

Dave Garrett <davemgarrett@gmail.com> Wed, 31 August 2016 19:17 UTC

Return-Path: <davemgarrett@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 04A2112D6B5 for <tls@ietfa.amsl.com>; Wed, 31 Aug 2016 12:17:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.194
X-Spam-Level:
X-Spam-Status: No, score=-1.194 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, SUBJ_ALL_CAPS=1.506] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CdckpbR6ZZGV for <tls@ietfa.amsl.com>; Wed, 31 Aug 2016 12:17:01 -0700 (PDT)
Received: from mail-qk0-x229.google.com (mail-qk0-x229.google.com [IPv6:2607:f8b0:400d:c09::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7C8CA12D6AC for <tls@ietf.org>; Wed, 31 Aug 2016 12:17:01 -0700 (PDT)
Received: by mail-qk0-x229.google.com with SMTP id v123so61844490qkh.2 for <tls@ietf.org>; Wed, 31 Aug 2016 12:17:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:user-agent:cc:references:in-reply-to :mime-version:content-transfer-encoding:message-id; bh=RX9KhshcDg+McRwnTIU15uOEEycVJWKeYGXFoceO5m4=; b=y2w2VbKzj8KWnKhAlCA+A+TGGCMYXfc7Ets6OgDHoiNC+x1YTR1g1sj4EsfOdGM23V di2qPUpJXGoqqg85njOihur1WuTBPcNrdEI26WIHgSR0vUb4PRBO3uDnNBhlZQNtJ/Cp KgPir3rX3sopYYOjs9jid5Gb8dSTMQsLOIckcnn+14yfcQHi/pC8PxtZVtsiUQEacjAo N37qE2Hirswscu8BAC49WCNZXtP/VSYRiuRCzlj/pqu0oyg0KOpbWdvcXXy6LWp4WGHf G38yQEHWGTSUpIaLFF4jbU4uT8NEj2GxpQQvmcxPuOTsGppx0RZgfDaQ1jVBOzriGOsl H1dQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:subject:date:user-agent:cc:references :in-reply-to:mime-version:content-transfer-encoding:message-id; bh=RX9KhshcDg+McRwnTIU15uOEEycVJWKeYGXFoceO5m4=; b=ADRy18wW6LrqtYu7C8riGWWP4n6yV8HKo8HNhAQFJ/OdnhtAW1ZC5a7zr9oT48WyGl U+GaTro2CXJ6rYjB2oCRwUMVP0N2jVeBvDRK5RAxkBvn8Iw+yUYqm9BrVVgPtjc+pQNL kaneW1xN7ZYKUtyGwPrDJav8KQeBV/SOeFFOaeVvgqVbPUUbShcuiC7SwPDwBfuDYHHR 9gtD08yPLeRzH+/EwPluoXDqxH1GUjp2qWUe4fbioiAl1/lRT5qfn+sMxbTsst7pFK+Q L3byiimfCo0yEBDfuQG+YAveU54rSbZoT/Rb2MYCV+mtVjtIwPw0kz9Ohxy4/+0uhU4b R/rQ==
X-Gm-Message-State: AE9vXwOkNHh37djnUpWA4SNByJXLanRS2Fmh44WOYM/Bf53QvlR0tLB6d1jnf5o1k6JkyQ==
X-Received: by 10.55.187.68 with SMTP id l65mr12514112qkf.82.1472671020400; Wed, 31 Aug 2016 12:17:00 -0700 (PDT)
Received: from dave-laptop.localnet (pool-71-185-27-22.phlapa.fios.verizon.net. [71.185.27.22]) by smtp.gmail.com with ESMTPSA id w94sm738326qte.40.2016.08.31.12.16.59 (version=TLS1 cipher=AES128-SHA bits=128/128); Wed, 31 Aug 2016 12:16:59 -0700 (PDT)
From: Dave Garrett <davemgarrett@gmail.com>
To: tls@ietf.org
Date: Wed, 31 Aug 2016 15:16:57 -0400
User-Agent: KMail/1.13.5 (Linux/2.6.32-74-generic-pae; KDE/4.4.5; i686; ; )
References: <201608301419.33620.davemgarrett@gmail.com> <7a56f6b950b46eeb07353805f020c9b8@trigofacile.com> <9A043F3CF02CD34C8E74AC1594475C73F4D08BDD@uxcn10-5.UoA.auckland.ac.nz>
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C73F4D08BDD@uxcn10-5.UoA.auckland.ac.nz>
MIME-Version: 1.0
Content-Type: Text/Plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Message-Id: <201608311516.58569.davemgarrett@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/00ZlSNO7YmVZS6AwZaMYxYNphnM>
Subject: Re: [TLS] TLS 1.3 -> TLS 2.0?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Aug 2016 19:17:03 -0000

(replies to 4 separate but related posts, below)

On Wednesday, August 31, 2016 03:52:44 am Peter Gutmann wrote:
> Julien ÉLIE <julien@trigofacile.com>; writes:
> >Considering that possible change, wouldn't it be useful to go on working on
> >draft-gutmann-tls-lts-05, and consider TLS-LTS not as a TLS extension but as
> >a real 1.3 version of the 1.x series?
> 
> If the current 2.0-called-1.3 is renamed to 2.0, I'd be open to calling LTS
> "1.3", although I think it's more a 1.2.1 :-).  Its real goal though is to be
> exactly what it says on the label, an LTS version of the TLS 1.x line that can
> be used in devices with long lifecycles that are based on the 1.x family and
> need a best-of-breed version of that.  So LTS would be the final, wrap-up
> version of the 1.x line for people who need, well, an LTS version of the
> protocol.

You can't really do that. The HTTP/2 spec explicitly refers to TLS 1.3 and up as not needing the security restrictions on TLS 1.2 it lays out. Any TLS 1.2 LTS will need to be 1.2.x to deal with old documents citing the draft. (there's also citations of analysis of TLS 1.3 that reference it)


On Tuesday, August 30, 2016 05:21:21 pm Daniel Kahn Gillmor wrote:
> https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
> doesn't have a "TLS version" registry.  Would it be simpler to have IANA
> create that and just populate it with:
> 
>   Value | Description | Reference
>   ------+-------------+----------
>    0x30 |    SSLv3    | RFC 6101, RFC 7568
>    0x31 |   TLSv1.0   | RFC 2246
>    0x32 |   TLSv1.1   | RFC 4346
>    0x33 |   TLSv1.2   | RFC 5246
>    0x34 |    TLSv4    | RFC XXXX

I've already dropped the struct major/minor labels and changed the type to just uint8x2 in my draft of this proposal. Explicitly adding a registry to go with this sounds good to me.


On Wednesday, August 31, 2016 05:35:47 am Xiaoyin Liu wrote:
> It's normal that people confuse SSLv3 with TLS. SSL 3.0 was a released and widely deployed protocol, and the term "SSL" is still widely used today to refer to TLS.[...]

"Normal" people have no clue what SSL or TLS is. Personally, I say that anyone saying "SSL" should be interrupted by saying "SSL is dead, long live TLS". All of SSL has been diediedied, so it's a reasonable cutoff point to support expectations for the moment, at least. SSL/TLS is a mess of over 20 years of stuff; we can't clean it up fully, but we can try to make it a little more clear. ;)


On Wednesday, August 31, 2016 04:47:59 am Hubert Kario wrote:
> if the WG really wants a TLSvX.0 name, the X really should be bigger than 3

We can call it TLS-2016 in addition to 2.0, which could help with some people, but doing the disjoint versioning thing is not a good idea, IMO (and a fair portion of the WG seems to be notably against it). I don't want to do a confusing thing to try to mitigate another confusing thing.


Dave