Re: [TLS] Confirming consensus: TLS1.3->TLS*

Eric Mill <eric@konklone.com> Fri, 18 November 2016 15:35 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/SiaGnZxq_J2U_SYHfnISizsf0HA>

On Thu, Nov 17, 2016 at 9:12 PM, Sean Turner <sean@sn3rd.com> wrote:

> At IETF 97, the chairs led a discussion to resolve whether the WG should
> rebrand TLS1.3 to something else.  Slides can be found @
> https://www.ietf.org/proceedings/97/slides/slides-97-tls-rebranding-aka-pr612-01.pdf.
>
> The consensus in the room was to leave it as is, i.e., TLS1.3, and to not
> rebrand it to TLS 2.0, TLS 2, or TLS 4.  We need to confirm this decision
> on the list so please let the list know your top choice between:
>
> - Leave it TLS 1.3
> - Rebrand TLS 2.0
> - Rebrand TLS 2
> - Rebrand TLS 4
>

Because I have literally had the experience of a (very) major organization
insisting that HTTPS was not secure because the "most recent" version, SSL
version 3.0, had recently been broken, I support moving this out to TLS 4.

But more generally, I support getting off of the major/minor version naming
scheme. There are no "minor versions" of TLS. Every one is a huge deal for
the ecosystem to update to. I think it will be simpler for everyone in the
future if TLS always just uses whole numbers with no decimal points.

So either TLS 4 or TLS 2 would be improvements in some way. TLS 2.0
wouldn't get you improvements in either category.

As really a non-participant in the WG, I don't expect my preference to
count much, but for whatever it's worth, it would be:

TLS 4 > TLS 2 > TLS 1.3 > TLS 2.0

-- Eric

> by 2 December 2016.
>
> Thanks,
> J&S



-- 
konklone.com | @konklone <https://twitter.com/konklone>