Re: [TLS] TLS 1.3 (-18) at Apple

Chris Wood <cawood@apple.com> Wed, 14 June 2017 18:09 UTC

From: Chris Wood <cawood@apple.com>
X-Mailer: iPhone Mail (14F89)
In-reply-to: <fbb16207-6910-95b1-b278-dbe9f3155012@akamai.com>
Date: Wed, 14 Jun 2017 20:09:01 +0200
Cc: tls@ietf.org
Message-id: <13099025-10E2-42B8-B331-2FE84BC08473@apple.com>
References: <0E6B6240-4F99-46D4-81D0-533473EBFD87@apple.com> <fbb16207-6910-95b1-b278-dbe9f3155012@akamai.com>
To: Benjamin Kaduk <bkaduk@akamai.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/T8k0ZT3jgdVY3LSGjxAtNC2nvJs>
Subject: Re: [TLS] TLS 1.3 (-18) at Apple

> On Jun 14, 2017, at 8:02 PM, Benjamin Kaduk <bkaduk@akamai.com> wrote:
> 
>> On 06/14/2017 01:00 PM, Chris Wood wrote:
>> Hi folks,
>> 
>> Last week at WWDC 2017, we (Apple) announced support for TLS 1.3 (-18) in our platforms. It is not turned on by default. If you’re a member of the developer seed, you may enable it on iOS by downloading and installing the following profile:
>> 
>>     https://developer.apple.com/go/?id=tls13-mobile-profile
>> 
>> You may also enable support on macOS with the following defaults write:
>> 
>>     defaults write /Library/Preferences/com.apple.networkd tcp_connect_enable_tls13 1
> 
> Is the plan to stay on draft-18 until it's time to move to the final RFC version?

As of now, that is the most likely outcome. Though that may change if most other clients and servers move to a more recent version.

>> Our goal is maximal coverage in apps and networks. We encourage everyone who’s a member to opt in and start testing your services. 
>> 
>> Note, we currently do not have 0-RTT data support.
>> 
> 
> Seems prudent, given how much it's still in flux (and the lack of published application profiles for its use).

Precisely. 

Best,
Chris
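
The draft-version question raised in this thread, as an added example that is not part of the original messages or of Apple's code: TLS 1.3 draft implementations advertise the code point `0x7f00 | draft number` in the `supported_versions` extension (type 43), so a draft-18 client talking to a server that has moved to a later draft negotiates TLS 1.2 rather than failing. The function names, the server preference lists and the draft-20 peer are assumptions made for illustration.

```python
import struct

EXT_SUPPORTED_VERSIONS = 43          # extension type used by the TLS 1.3 drafts
TLS12 = 0x0303

def draft_version(n):
    """Code point a TLS 1.3 draft implementation advertises: 0x7f00 | draft number."""
    return 0x7F00 | n

def encode_supported_versions(versions):
    """Build the extension: type(2) | length(2) | list_len(1) | versions(2 each)."""
    body = b"".join(struct.pack("!H", v) for v in versions)
    body = bytes([len(body)]) + body
    return struct.pack("!HH", EXT_SUPPORTED_VERSIONS, len(body)) + body

def parse_supported_versions(ext):
    """Return the offered versions in client order, rejecting malformed input."""
    if len(ext) < 5:
        raise ValueError("truncated extension")
    ext_type, ext_len = struct.unpack("!HH", ext[:4])
    body = ext[4:]
    if ext_type != EXT_SUPPORTED_VERSIONS or ext_len != len(body):
        raise ValueError("not a well-formed supported_versions extension")
    list_len = body[0]
    if list_len != len(body) - 1 or list_len < 2 or list_len % 2:
        raise ValueError("bad version list length")
    return [struct.unpack("!H", body[i:i + 2])[0] for i in range(1, len(body), 2)]

def negotiate(client_ext, server_versions):
    """Pick the first server-preferred version the client also offered, else None."""
    offered = set(parse_supported_versions(client_ext))
    return next((v for v in server_versions if v in offered), None)

def describe(version):
    if version is None:
        return "no common version"
    if version >> 8 == 0x7F:
        return f"TLS 1.3 draft-{version & 0xFF}"
    return {TLS12: "TLS 1.2"}.get(version, hex(version))

# Constructed extension for a draft-18 client that also allows TLS 1.2.
CLIENT_D18 = encode_supported_versions([draft_version(18), TLS12])

if __name__ == "__main__":
    for name, server in [("draft-18 server", [draft_version(18), TLS12]),
                         ("draft-20 server", [draft_version(20), TLS12]),
                         ("draft-20 only", [draft_version(20)])]:
        print(name, "->", describe(negotiate(CLIENT_D18, server)))
```

When testing a service against a draft client, check the negotiated version explicitly: a successful handshake alone does not show that TLS 1.3 was used.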