Re: [TLS] drop obsolete SSL 2 backwards compatibility from TLS 1.3 draft

mrex@sap.com (Martin Rex) Sat, 03 January 2015 12:30 UTC

In-Reply-To: <201412271739.24476.davemgarrett@gmail.com>
To: Dave Garrett <davemgarrett@gmail.com>
Date: Sat, 03 Jan 2015 13:30:36 +0100
Message-Id: <20150103123036.393011B0C2@ld9781.wdf.sap.corp>
From: mrex@sap.com
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/RkUvojjt2dPm_7q1hlwMCdHoToU
Cc: "TLS@ietf.org (tls@ietf.org)" <tls@ietf.org>
Subject: Re: [TLS] drop obsolete SSL 2 backwards compatibility from TLS 1.3 draft
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>

Dave Garrett wrote:
> 
> The newest version of TLS should not have to be written to accommodate
> an 8 year old EOL Java version's default settings.

While Android seems to use OpenSSL (native code) rather than the SSL from
the JDK, Android 4.1 through 4.3 (Jelly Bean) and Android 4.4 (KitKat)
seem to all be using Java 6.  And it's not like end users would have
a choice to perform an upgrade themselves.

Java 7 is limited to Android 5, and that is mostly vaporware for what
was sold during the 2014 Xmas sales.  Pretty much all brand new sales
are Android 4.x with Java 6.

-Martin