Re: [TLS] TLS 1.3 -> TLS 2.0?

Judson Wilson <wilson.judson@gmail.com> Thu, 01 September 2016 06:05 UTC

To: Eric Mill <eric@konklone.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/D6Rz-glFIdl-R-uUQpjmLObBwbw>
Cc: "tls@ietf.org" <tls@ietf.org>

>
> FWIW, I've definitely seen real-world confusion about SSLv3 being a more
> recent protocol than TLS 1.X, by organizations that should know better. If
> there's interest and consensus, this could be a good opportunity to reset
> the situation with TLS/2 or TLS 4.0.
>
> I like TLS/2 aesthetically, and it represents a similar level of
> progress/reset that HTTP saw when it jumped from 1.1 to /2.
>
>

What is the slash in the name all about? Is it simply playing off the HTTP
start line specification? Does it have any relevance to TLS?


On Wed, Aug 31, 2016 at 7:01 PM, Eric Mill <eric@konklone.com> wrote:

>
>
> On Wed, Aug 31, 2016 at 7:05 PM, Richard Barnes <rlb@ipv.sx> wrote:
>
>> I am in total agreement with Nick here.  "TLS 1.3" accurately describes
>> what we're doing here, and it's consistent with our past naming scheme.
>>
>> There is no upside to changing away from 1.3, and as Nick notes, lots of
>> potential downside.
>>
>> --Richard
>>
>> On Wednesday, August 31, 2016, Nick Sullivan <nicholas.sullivan@gmail.com>
>> wrote:
>>
>>> I am reluctant to endorse a name change from TLS 1.3 to TLS 2.0. I see a
>>> few immediate issues with the proposal:
>>> - it causes confusion with SSL 2.0
>>> - it implies wire incompatibility with TLS 1.2
>>> - it suggests there will be a forthcoming TLS 2.1 with only minor changes
>>>
>>> If we're dead set on bumping the major version for a mostly backwards
>>> compatible protocol change, we should just drop the minor version and go
>>> with TLS/2.
>>>
>>> Nick
>>>
>>
> FWIW, I've definitely seen real-world confusion about SSLv3 being a more
> recent protocol than TLS 1.X, by organizations that should know better. If
> there's interest and consensus, this could be a good opportunity to reset
> the situation with TLS/2 or TLS 4.0.
>
> I like TLS/2 aesthetically, and it represents a similar level of
> progress/reset that HTTP saw when it jumped from 1.1 to /2.
>
> -- Eric
>
>
>
>>
>>> On Wed, Aug 31, 2016 at 12:24 PM Bill Frantz <frantz@pwpconsult.com>
>>> wrote:
>>>
>>>> We could call it TLS 3.4 which would match the internal ID. :-)
>>>>
>>>> BTW, I think using something other than 1.3 is a good idea.
>>>>
>>>> Cheers - Bill
>>>>
>>>> -------------------------------------------------------------------------
>>>> Bill Frantz        | When it comes to the world     | Periwinkle
>>>> (408)356-8506      | around us, is there any choice | 16345 Englewood Ave
>>>> www.pwpconsult.com | but to explore? - Lisa Randall | Los Gatos, CA 95032
>>>> _______________________________________________
>>>> TLS mailing list
>>>> TLS@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/tls
>>>>
>>>
>
>
> --
> konklone.com | @konklone <https://twitter.com/konklone>
>