IETF Logo Mail Archive

Re: [TLS] Confirming consensus: TLS1.3->TLS*

David Benjamin <davidben@chromium.org> Fri, 18 November 2016 06:18 UTC

Return-Path: <davidben@google.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C97F1129A23 for <tls@ietfa.amsl.com>; Thu, 17 Nov 2016 22:18:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.196
X-Spam-Level:
X-Spam-Status: No, score=-4.196 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=chromium.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id serR6h7dTZMw for <tls@ietfa.amsl.com>; Thu, 17 Nov 2016 22:18:17 -0800 (PST)
Received: from mail-it0-x236.google.com (mail-it0-x236.google.com [IPv6:2607:f8b0:4001:c0b::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BC8B51298A9 for <tls@ietf.org>; Thu, 17 Nov 2016 22:18:17 -0800 (PST)
Received: by mail-it0-x236.google.com with SMTP id c20so13562916itb.0 for <tls@ietf.org>; Thu, 17 Nov 2016 22:18:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=iTjD79qF4up5YgJ1p6v5ThBh7Zm2yvWUijgeeuDu8Gs=; b=BgHpFIIRr3IG/nroZ6A2NYSojrV6xTT/QpaYf4uyrTryjpp4nW73XNSSgPOVzt4Q0x QFP4LhUK3aceFfb5zqpXSeA5R09zAwprHEYxFGQggrIGBihGnGoiecxcBjyJSwvu5VBf UxSQq/68JHnAO915LO+278sOCsLhowLD2zvl0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=iTjD79qF4up5YgJ1p6v5ThBh7Zm2yvWUijgeeuDu8Gs=; b=LkYwOKkZo/50CoQVtvjmO3gCPCtO/4guadmrkD4RXTnygAO3Xrc8RJO/OmeNLaynl3 8DeYdLpNboJ8zbVAFB2A60L96P6mT4r1ixQvP7c7xSFikPryZqiur/Nj+MHlcmjPlxDU iZlrqGN39gvtYRf3V8Gup6nDfIPhz/aVBjT5vKelaurI/s/QKlSNSeDNEB6nMvnjPSVc U/6Zw5gR+iaBbHmvWzvQ6IciocCfdVxi7tSOltfYcFbnEWJ/I89HcHPxHYIAUwz0jlwD L9XJ2CwldyC0QQ19Saj56Z6oEjumKl97MoyLSZznHdYSfVxcCVfSnsSFx290I0YX0R5E jrIQ==
X-Gm-Message-State: AKaTC02GeoNmgtPz963QQL09Y6S8wIATv3rGHgj3QIAB6aoMUvZIEERSGqrSg8cXuW4PwIdltgqc3xTxxFPGNiwK
X-Received: by 10.107.136.229 with SMTP id s98mr6949240ioi.171.1479449896648; Thu, 17 Nov 2016 22:18:16 -0800 (PST)
MIME-Version: 1.0
References: <CF83FAD0-B337-4F9E-A80B-2BAA6826BF41@sn3rd.com> <20161118060429.GQ26244@mournblade.imrryr.org>
In-Reply-To: <20161118060429.GQ26244@mournblade.imrryr.org>
From: David Benjamin <davidben@chromium.org>
Date: Fri, 18 Nov 2016 06:18:05 +0000
Message-ID: <CAF8qwaB8jOEaspd9S3Jvca64dC-+EMrsUf3edkPETenzi4xYuA@mail.gmail.com>
To: tls@ietf.org
Content-Type: multipart/alternative; boundary="001a113ed55c8ddfac05418d458c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/CfSRcnm0_YbT20dTvxXxVDHXVH8>
Subject: Re: [TLS] Confirming consensus: TLS1.3->TLS*
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Nov 2016 06:18:20 -0000

I already hummed in the room, but I think it should stay as TLS 1.3. Either
of TLS 2 or TLS 4 makes the SSL/TLS silliness worse. One matches SSL 2.0
and the other just makes all this weirder. (Do we really want 2.0 < 3.0 <
1.0 < 1.1 < 1.2 < 4?)

TLS 1.3 is the natural next number and doesn't make anything worse. Let's
just use it.

On Fri, Nov 18, 2016 at 3:04 PM Viktor Dukhovni <ietf-dane@dukhovni.org>
wrote:

> On Fri, Nov 18, 2016 at 11:12:48AM +0900, Sean Turner wrote:
>
> > At IETF 97, the chairs lead a discussion to resolve whether the WG should
> > rebrand TLS1.3 to something else.  Slides can be found @
> >
> https://www.ietf.org/proceedings/97/slides/slides-97-tls-rebranding-aka-pr612-01.pdf
> .
> >
> > The consensus in the room was to leave it as is, i.e., TLS1.3, and to not
> > rebrand it to TLS 2.0, TLS 2, or TLS 4.  We need to confirm this decision
> > on the list so please let the list know your top choice between:
> >
> > - Leave it TLS 1.3
> > - Rebrand TLS 2.0
> > - Rebrand TLS 2
> > - Rebrand TLS 4
>
> TLS 4 sounds about right to me:
>
>     * Conveys the substantial protocol changes
>     * Avoids any confusion from SSLv2/SSLv3 bearing higher numbers than
> TLS 1.x
>     * If someone happens to call it SSLv4 it will not be confusing.
>     * Matches the minor version on the wire protocol
>
> Though with this choice, the next version would likely be TLS 5,
> whether or not it is a major change or just incremental change, I
> don't think it will going forward be important to convey that some
> version updates are minor.  A non-branching integral sequence feels
> about right.
>
> The only downside I see is that it becomes unclear what to call
> some future protocol version with a wire protocol major number not
> equal to 3.  My take is that such a protocol would no longer be
> TLS (it would presumably have an incompatible HELLO and/or record
> layer format and would not be able to negotiate older protocol
> versions), so there's likely not much point in calling such a
> hypothetical beast "TLS".
>
> --
>         Viktor.
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>

v2.23.0 | Report a Bug | By Email