Re: [TLS] TLS 1.3 -> TLS 2.0?

Brian Sniffen <bsniffen@akamai.com> Wed, 31 August 2016 17:23 UTC

From: Brian Sniffen <bsniffen@akamai.com>
To: Erik Nygren <erik+ietf@nygren.org>, Dave Garrett <davemgarrett@gmail.com>
In-Reply-To: <CAKC-DJjUjZneEP5swE+Gd9_RFHS57TBDOVLiQxKEE5wgNg53Xw@mail.gmail.com>
References: <201608301419.33620.davemgarrett@gmail.com> <CY1PR15MB077803AB565FB6CD20098CEAFFE00@CY1PR15MB0778.namprd15.prod.outlook.com> <201608301529.49488.davemgarrett@gmail.com> <CAKC-DJjUjZneEP5swE+Gd9_RFHS57TBDOVLiQxKEE5wgNg53Xw@mail.gmail.com>
User-Agent: Notmuch/0.22.1 (https://notmuchmail.org) Emacs/24.5.1 (x86_64-apple-darwin13.4.0)
Date: Wed, 31 Aug 2016 13:23:23 -0400
Message-ID: <m2inugyhro.fsf@bos-mpeve.kendall.corp.akamai.com>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/VSR-s_ohXsWDvXbtCrBXu4sEzFM>
Cc: tls@ietf.org
Subject: Re: [TLS] TLS 1.3 -> TLS 2.0?

Erik Nygren <erik+ietf@nygren.org> writes:

> I'm also very supportive for the reasons you outline.
>
> However, I think we should consider calling it TLS 4 or TLS 4.0 or TLS 5.
>
> In particular, much of the non-technical audience still calls it "SSL" (pet
> peeve of many of us, I suspect) and having a version number clearly greater
> than SSLv3 and not confusing with SSLv2 would be quite valuable.  "TLS 2"
> may have risk for unfortunate confusions with SSLv2 and SSLv3.

That is wise.

What discussions were deferred as "this is just 1.3, wait for 2.0" that
will legitimately come back out of the woodwork if this is renamed to
TLS X, X > 1.9?

-Brian

> Another reason to avoid 1.3 is Western culture negative connotations around
> "tls13" which TLS 1.3 will get abbreviated as.
>
> - Erik
>
>      [Sent from my IPv6 connected T-Mobile 4G LTE mobile device]
>
> On Aug 30, 2016 3:35 PM, "Dave Garrett" <davemgarrett@gmail.com> wrote:
>
>> On Tuesday, August 30, 2016 02:36:51 pm Xiaoyin Liu wrote:
>> > I support this change as long as there is no technical change (version
>> > ID remains 0x0304).
>>
>> To reiterate, I am also against changing the version ID. However, I do
>> think it's worth updating the context string version number, otherwise it'd
>> be a little unnecessarily confusing there. (trivial change to key
>> derivation, but not wire format) I've also made a point to tweak references
>> to the on-the-wire version value to refer to it as a "version ID" rather
>> than just version, to make it very clear that this is really just an
>> arbitrary codepoint and shouldn't be read as 3.4.
>>
>> I've made the changes for a WIP branch, here (not a PR, as of yet):
>> https://github.com/tlswg/tls13-spec/compare/master...davegarrett:tls2rebranding
>>
>> Going through the motions of doing the renaming now is useful to see if
>> there's anything that is more affected than initially expected, such as the
>> context strings having the version in there directly as a string (they're
>> designed to be updated as-needed, so this shouldn't be a problem).
>>
>>
>> Dave
>>
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls
>>