Re: [TLS] Confirming consensus: TLS1.3->TLS*

"Salz, Rich" <> Fri, 18 November 2016 21:00 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 700B012978C for <>; Fri, 18 Nov 2016 13:00:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.198
X-Spam-Status: No, score=-4.198 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id D7D779aIiDvv for <>; Fri, 18 Nov 2016 13:00:42 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 645C41295DC for <>; Fri, 18 Nov 2016 13:00:42 -0800 (PST)
Received: from (localhost.localdomain []) by postfix.imss70 (Postfix) with ESMTP id C2D19496CA2; Fri, 18 Nov 2016 21:00:41 +0000 (GMT)
Received: from ( []) by (Postfix) with ESMTP id A3035496C83; Fri, 18 Nov 2016 21:00:41 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=a1; t=1479502841; bh=96VVZO3bJrMap7IJW3TYmmb3uf3IJCro95mDj+CPw1k=; l=2596; h=From:To:CC:Date:References:In-Reply-To:From; b=AMP39Q2klD5u6YU9vx6qxIMXImZjM+RbPpvecQHVl5vgfUyrTcKjnRmff9nCwfMsg wlGW1sG3cCafhYwHF9OrkpoWpSksNflubONvU+ohW2Oo4AWzREBz3atgCOXY6dbEpU oHvafDRpFoLbGVOjwXJDCVKyuVEUrBDZpJrNyags=
Received: from ( []) by (Postfix) with ESMTP id 8A8621E07C; Fri, 18 Nov 2016 21:00:41 +0000 (GMT)
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1178.4; Fri, 18 Nov 2016 16:00:40 -0500
Received: from ([]) by ([]) with mapi id 15.00.1178.000; Fri, 18 Nov 2016 16:00:41 -0500
From: "Salz, Rich" <>
To: Vlad Krasnov <>, "D. J. Bernstein" <>
Thread-Topic: [TLS] Confirming consensus: TLS1.3->TLS*
Thread-Index: AQHSQUF9yvv3al+6E0mEp3NhmRhrEqDfXpiAgAAWzID//8A64A==
Date: Fri, 18 Nov 2016 21:00:40 +0000
Message-ID: <>
References: <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <>
Cc: "" <>
Subject: Re: [TLS] Confirming consensus: TLS1.3->TLS*
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 18 Nov 2016 21:00:44 -0000

> First: where can we see the study that proves people are indeed confused
> that TLS > SSL? I don’t buy into that. Are people really confused after 17 years
> of TLS?

Well, for example, your website has twice as many mentions of SSL as TLS.  Why?  Why don't you have a product called "Universal TLS"? The ratio is the same for TLS 1.0 had already existed for more then a decade before either place existed.  BTW, at google, it's 20:1, and that's just google, not the web.  (Counts were done in the obvious dumb way " tls" and then with "ssl" and noting the summary stats at the top of the return results.) 

People are confused because we treat them as the same thing. 

> Third: There was *some* marketing on TLS 1.3, and changing the name now
> will just tell the public the WG is confused and doesn’t know what its doing.

The public has no idea what the WG is.

Listen to the non-developers who have posted here.  Version numbers matter to low-information decision makers, who need something quick and simple to grab on to.  It's silly, but so is the real world.  TLS 4 or TLS 4.0  The technology will get more exposure as the trade press explains why the new version number -- it's so much more secure than what we've had before -- and therefore the "new TLS" will get more mindshare.  And therefore adoption will be more rapid.  That's what we want, right?  Or are we satisfied with just letting two browser's canary builds pull the entire Internet forward?

Yes it wil be inconvenient.  Suck it up, buttercup.  At the IETF this week we had people telling people from an entire industry segment "too bad, this is the right thing to do; adapt."  (I exaggerate for effect here.)  And now we're going to confuse the world because we can't change the name of a GitHub repo, a few #define's in source, and maybe a Wikipedia page?