Re: [TLS] TLS 1.3 -> TLS 2.0?

Eric Mill <eric@konklone.com> Thu, 01 September 2016 02:02 UTC

Return-Path: <eric@konklone.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E939312D7DD for <tls@ietfa.amsl.com>; Wed, 31 Aug 2016 19:02:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.093
X-Spam-Level:
X-Spam-Status: No, score=-1.093 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SUBJ_ALL_CAPS=1.506] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pobox.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rt7xCwAfE-Gy for <tls@ietfa.amsl.com>; Wed, 31 Aug 2016 19:02:28 -0700 (PDT)
Received: from sasl.smtp.pobox.com (pb-smtp1.pobox.com [64.147.108.70]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A5ADF12B03C for <tls@ietf.org>; Wed, 31 Aug 2016 19:02:28 -0700 (PDT)
Received: from sasl.smtp.pobox.com (unknown [127.0.0.1]) by pb-smtp1.pobox.com (Postfix) with ESMTP id 6DEEF3B490 for <tls@ietf.org>; Wed, 31 Aug 2016 22:02:25 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=mime-version :in-reply-to:references:from:date:message-id:subject:to:cc :content-type; s=sasl; bh=zF22BSeeAGBVS7lqK6lfX9rsIvU=; b=eb38Pq ZVyBp9on3MBfP6SZJYFziEPt0opPmxyWg80bo2uY/ZosfCZw66m1N5AJEIwI+uxO iklKusKSK4t5004xijciKx0V14RIrcUl7BKf5uRWeF66uj0+IGcYTcFTkjOqHC86 +xUg1oI8ceZxDeN4igADAkXCkdBdJFx4dXdLc=
Received: from pb-smtp1.nyi.icgroup.com (unknown [127.0.0.1]) by pb-smtp1.pobox.com (Postfix) with ESMTP id 66E953B48F for <tls@ietf.org>; Wed, 31 Aug 2016 22:02:25 -0400 (EDT)
Received: from mail-qt0-f177.google.com (unknown [209.85.216.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pb-smtp1.pobox.com (Postfix) with ESMTPSA id 0A0F83B48C for <tls@ietf.org>; Wed, 31 Aug 2016 22:02:25 -0400 (EDT)
Received: by mail-qt0-f177.google.com with SMTP id 11so22513722qtc.0 for <tls@ietf.org>; Wed, 31 Aug 2016 19:02:24 -0700 (PDT)
X-Gm-Message-State: AE9vXwO8EXS6mtVEICGB/3bkNkxaOg7WAr/ETlkpzTASHvOTGA7ITOH442d4QisAPevRgoWWdyrh1u3ddXfx4Q==
X-Received: by 10.200.50.86 with SMTP id y22mr1057398qta.61.1472695344165; Wed, 31 Aug 2016 19:02:24 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.200.39.187 with HTTP; Wed, 31 Aug 2016 19:01:43 -0700 (PDT)
In-Reply-To: <CAL02cgReq5tNaTuk72G5-4A2r4tVbpYZtZ_1J46c+7VxwOF1Xg@mail.gmail.com>
References: <3453142.248EJ6K14H@pintsize.usersys.redhat.com> <r470Ps-10116i-CEC3CA8865CF43238F20CDDF8386D067@Williams-MacBook-Pro.local> <CAOjisRwQ-p6fi=_wTpdwpSQHzp5-iNKdu=QgGAtYe+HC_huHcg@mail.gmail.com> <CAL02cgReq5tNaTuk72G5-4A2r4tVbpYZtZ_1J46c+7VxwOF1Xg@mail.gmail.com>
From: Eric Mill <eric@konklone.com>
Date: Wed, 31 Aug 2016 22:01:43 -0400
X-Gmail-Original-Message-ID: <CANBOYLVNpJWRJJ4CD6=Hm2wwPxNkKZqZ==9O6qwqcU+Zu8nN-A@mail.gmail.com>
Message-ID: <CANBOYLVNpJWRJJ4CD6=Hm2wwPxNkKZqZ==9O6qwqcU+Zu8nN-A@mail.gmail.com>
To: Richard Barnes <rlb@ipv.sx>
Content-Type: multipart/alternative; boundary=001a11405baada03a6053b689a06
X-Pobox-Relay-ID: 208C02C0-6FE8-11E6-B00B-F7BB12518317-82875391!pb-smtp1.pobox.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/KYKzneXMv0wiHa-wubcuciD5X4k>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] TLS 1.3 -> TLS 2.0?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Sep 2016 02:02:30 -0000

On Wed, Aug 31, 2016 at 7:05 PM, Richard Barnes <rlb@ipv.sx> wrote:

> I am in total agreement with Nick here.  "TLS 1.3" accurately describes
> what we're doing here, and it's consistent with our past naming scheme.
>
> There is no upside to changing away from 1.3, and as Nick notes, lots of
> potential downside.
>
> --Richard
>
> On Wednesday, August 31, 2016, Nick Sullivan <nicholas.sullivan@gmail.com>
> wrote:
>
>> I am reluctant to endorse a name change from TLS 1.3 to TLS 2.0. I see a
>> few immediate issues with the proposal:
>> - it causes confusion with SSL 2.0
>> - it implies wire incompatibility with TLS 1.2
>> - it suggests there will be a forthcoming TLS 2.1 with only minor changes
>>
>> If we're dead set on bumping the major version for a mostly backwards
>> compatible protocol change, we should just drop the minor version and go
>> with TLS/2.
>>
>> Nick
>>
>
FWIW, I've definitely seen real-world confusion about SSLv3 being a more
recent protocol than TLS 1.X, by organizations that should know better. If
there's interest and consensus, this could be a good opportunity to reset
the situation with TLS/2 or TLS 4.0.

I like TLS/2 aesthetically, and represents a similar level of
progress/reset that HTTP saw when it jumped from 1.1 to /2.

-- Eric



>
>> On Wed, Aug 31, 2016 at 12:24 PM Bill Frantz <frantz@pwpconsult.com>
>> wrote:
>>
>>> We could call it TLS 3.4 which would match the internal ID. :-)
>>>
>>> BTW, I think using something other than 1.3 is a good idea.
>>>
>>> Cheers - Bill
>>>
>>> ------------------------------------------------------------
>>> -------------
>>> Bill Frantz        | When it comes to the world     | Periwinkle
>>> (408)356-8506      | around us, is there any choice | 16345 Englewood
>>> Ave
>>> www.pwpconsult.com | but to explore? - Lisa Randall | Los Gatos, CA
>>> 95032
>>>
>>> _______________________________________________
>>> TLS mailing list
>>> TLS@ietf.org
>>> https://www.ietf.org/mailman/listinfo/tls
>>>
>>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
>


-- 
konklone.com | @konklone <https://twitter.com/konklone>