Re: [TLS] TLS 1.3 -> TLS 2.0?

Dave Garrett <> Wed, 31 August 2016 22:43 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id BA44A12D7B2 for <>; Wed, 31 Aug 2016 15:43:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.194
X-Spam-Status: No, score=-1.194 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, SUBJ_ALL_CAPS=1.506] autolearn=no autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id T0iAmJ5jO68U for <>; Wed, 31 Aug 2016 15:43:23 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:400d:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id E43F512D77C for <>; Wed, 31 Aug 2016 15:43:22 -0700 (PDT)
Received: by with SMTP id v123so67258505qkh.2 for <>; Wed, 31 Aug 2016 15:43:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=from:to:subject:date:user-agent:cc:references:in-reply-to :mime-version:content-transfer-encoding:message-id; bh=/YpVrk6cqpvghk95WQZRVC18tYMcgTu+vxqMv65qBQY=; b=mY6PlU+aSXxFtLgsC+vlk/3/Gp2mqTD6pOBOvLClJEZYOGwF1yIA0vFvdGs7mxwSDE 8iQufzGZbWzWGWqz5YCwTAwmTBK6rJ+t8fXVahUDHayTJdWkrDMGNyWvAduXno2lItSp voVGbgxbP/GsuwKI99N7vxp6l59WjSjoGDJ5DLnS/gDxZIno8eCv2B4VNJTTCofy1pHV j05+vWAV8/AarhuJLFenhdVNFvUrkibz7cGMYCbokJOz0JJj/ab0SYBwdyEEJJghFeNS QLijRQ0RKp3r9dIbX071QNYd7DlkmKjTDW0lFQdUQbclgCSCG3o7NppGID7qCy1lWJwq xkDA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:from:to:subject:date:user-agent:cc:references :in-reply-to:mime-version:content-transfer-encoding:message-id; bh=/YpVrk6cqpvghk95WQZRVC18tYMcgTu+vxqMv65qBQY=; b=YtVfCbr7B10eC2DNOzjpgRRZixKSDywDJYxg3h568NML24ihdA0RkLcEcVGiCK2M3X l4ePGwtXGm0KEPBe7kweOVCulPsyI2u/CGs6kmqarVzx2ktmcdJg9k08NRUkrNgygCAh c5XSBuxTVcyW+JWgGv44dc6EOLXjqh/dhuAEVklXMt7KsUFcT2X6KWb1/rXA9DGt/rOz 07DMpg5DjVfgveWMM7TAInOSiB7ljdfvHtFM7KilMx38bRl5WYuMtVV7+zsNOUlaLFSN NM6fjTcJgs/qCA7aAYHXwoHyP/LR9URlDgK+lvxuABVllBI7PW5a1jnPcMt3iLeziCgJ /zTA==
X-Gm-Message-State: AE9vXwN1Zpy65M9woDja25a3X2SmBR7nwHx1ZJvLdl4eKtLiK2Ey1pJz5BuoO4DfvwUJIQ==
X-Received: by with SMTP id 4mr13780597qki.196.1472683402121; Wed, 31 Aug 2016 15:43:22 -0700 (PDT)
Received: from dave-laptop.localnet ( []) by with ESMTPSA id d133sm1194800qke.20.2016. (version=TLS1 cipher=AES128-SHA bits=128/128); Wed, 31 Aug 2016 15:43:21 -0700 (PDT)
From: Dave Garrett <>
Date: Wed, 31 Aug 2016 18:43:20 -0400
User-Agent: KMail/1.13.5 (Linux/2.6.32-74-generic-pae; KDE/4.4.5; i686; ; )
References: <> <r470Ps-10116i-CEC3CA8865CF43238F20CDDF8386D067@Williams-MacBook-Pro.local> <>
In-Reply-To: <>
MIME-Version: 1.0
Content-Type: Text/Plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-Id: <>
Archived-At: <>
Subject: Re: [TLS] TLS 1.3 -> TLS 2.0?
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 31 Aug 2016 22:43:24 -0000

On Wednesday, August 31, 2016 06:35:13 pm Nick Sullivan wrote:
> I am reluctant to endorse a name change from TLS 1.3 to TLS 2.0.

I was too, until we created a new cipher suite negotiation incompatible with previous versions.

> I see a few immediate issues with the proposal:
> - it causes confusion with SSL 2.0

I disagree. There is a perpetual confusion between SSL and TLS, but this doesn't really make it that much worse.

> - it implies wire incompatibility with TLS 1.2

SSL 3.0 and TLS 1.0 share compatible hellos. A TLS 2 only client won't be able to connect to a TLS 1.2 only server, but that's true with all version changes. I don't see how a major version bump implies any more wire incompatibility, especially when we bend over backwards to maintain hello compatibility with SSL 3.

> - it suggests there will be a forthcoming TLS 2.1 with only minor changes

There could be, if we wanted to. I don't see a problem with that.

> If we're dead set on bumping the major version for a mostly backwards
> compatible protocol change, we should just drop the minor version and go
> with TLS/2.

I don't have a problem with dropping the ".0", but I don't see the point in the HTTP/2 style slash. TLS 2 is fine.