Re: [TLS] Confirming consensus: TLS1.3->TLS*

Andrei Popov <Andrei.Popov@microsoft.com> Mon, 21 November 2016 18:23 UTC

From: Andrei Popov <Andrei.Popov@microsoft.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>, Ilari Liusvaara <ilariliusvaara@welho.com>
Date: Mon, 21 Nov 2016 18:23:20 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/LYSr5fppUrLk3r_L9-z3_Hpouvk>
Cc: "<tls@ietf.org>" <tls@ietf.org>

Peter has some excellent points here (although I would prefer "TLS 2.0").

Perhaps the "re-branders" are losing votes and hums because we're fragmented into numerous camps.

With this in mind, I'm voting in favor of any re-branding of TLS 1.3 where the protocol name remains "TLS" and major version becomes > 1.

Cheers,

Andrei

-----Original Message-----
From: TLS [mailto:tls-bounces@ietf.org] On Behalf Of Peter Gutmann
Sent: Friday, November 18, 2016 6:41 PM
To: Ilari Liusvaara <ilariliusvaara@welho.com>
Cc: <tls@ietf.org> <tls@ietf.org>
Subject: Re: [TLS] Confirming consensus: TLS1.3->TLS*

Replying to several messages at once to save space:

Ilari Liusvaara:

>One can downnegotiate TLS 1.3 to TLS 1.2.

Ah, you're obviously a fan of Steve Wozniak humour.  When someone asked him whether it was possible to upgrade from an Apple II+ to an Apple IIe, he similarly said "yes, you unplug the power cable from the II+, throw it away, and plug the IIe into the newly-vacated power cable".

Christian Huitema:

>I prefer TLS 1.3, because it signals continuity with the ongoing TLS
>deployment efforts.

Maybe it's just me, but wouldn't the fact that they're both called TLS sort of indicate that there's continuity there?

Dave Kern:

>I'm in favor of TLS 4, and ignoring the minor version number (in the 
>friendly text string, not the protocol field) moving forward.

That's actually a good point, "TLS 4" provides a single, clean number for people to remember.  Even a CTO or auditor should be able to get that one right without having to look up a table in a book to see that 1.3 > v3.

Peter.