Re: [TLS] TLS 1.3 process

[Nikos Mavrogiannopoulos <nmav@redhat.com>]

On Fri, 2014-03-28 at 10:12 -0400, Salz, Rich wrote:
> > The TLS WG charter is pretty clear that the intention isn't to design a completely new protocol but rather to revise TLS,
> > and specifically to "place a priority in minimizing gratuitous changes to TLS."
> +1.
> 
> It seems to me that there are almost three viewpoints within this WG.  With the hope that I'm equally unfair to everyone, I'd summarize them like this:
> 	- Update to modern crypto knowledge to fix bugs, and some modern features and be done
> 	- Make big changes to fix serious problems
> 	- Start over from a clean sheet; "I don't know what it will be, but we'll call it TLS."
> I put myself in the first group (except for SNI encryption, which will get a separate post :), could be convinced to support something from the second once it's written down, and am probably not qualified to evaluate anything from the third group (few people are). Interestingly, barring divine intervention, the above list is probably in order of length of time needed, as well. That would seem to indicate that there's room for all three efforts here.

This is not my impression of the discussions and the meetings. Eric in
the last meetings has presented a list of changes to the protocol that
really exceeds the "Update to modern crypto knowledge to fix bugs, and
some modern features and be done", (whatever that means).

So my understanding is that there will be big changes (e.g., reducing
handshake messages, redesign of handshake to encrypt everything) to fix
serious and not serious problems (e.g., reducing the round-trips), and
the question is whether to do it:
1. within the working group (which is stated to have no crypto
expertise).
2. by using external expertise.

regards,
Nikos