Re: [TLS] TLS 1.3 -> TLS 2.0?

Dave Garrett <davemgarrett@gmail.com> Tue, 30 August 2016 19:35 UTC

Return-Path: <davemgarrett@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF8A712D7F4 for <tls@ietfa.amsl.com>; Tue, 30 Aug 2016 12:35:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.194
X-Spam-Level:
X-Spam-Status: No, score=-1.194 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, SUBJ_ALL_CAPS=1.506] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dt8QLGOjgdG4 for <tls@ietfa.amsl.com>; Tue, 30 Aug 2016 12:35:31 -0700 (PDT)
Received: from mail-qk0-x22e.google.com (mail-qk0-x22e.google.com [IPv6:2607:f8b0:400d:c09::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C576512D7E2 for <tls@ietf.org>; Tue, 30 Aug 2016 12:29:51 -0700 (PDT)
Received: by mail-qk0-x22e.google.com with SMTP id l2so29469807qkf.3 for <tls@ietf.org>; Tue, 30 Aug 2016 12:29:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:user-agent:cc:references:in-reply-to :mime-version:content-transfer-encoding:message-id; bh=SqIWAyRYicdY74vSavv90R6V0VF4N/QRt46Jo00pnZI=; b=C0CyRXC1CYwHe+O6xpgWVOeipS1FkXv96z1NrnI2N6YfdiKIPxM7wXqGrqv5ZN9mIK RDD0vrq+VsQmgxFc0IY88J0uiC9ZYL52SQUYv/rmwzJdsg+4KGSZcm3KE+k9Gel8j/5b odpGqPjlzAecn1yN2zw/I0RPyYMNd98yXyhXG+Tf60yNSYDnKjA2UyuNjEGtn+t0YBg7 Zh+LDlBFpXmFvJWqJ1iK8jWaYNZpaevR9Xkvbpkr0IZVjGZmVnrETZ11ug3Zsal8ZYI2 vIpVH8FBfTj71SoHDNe7I2s4XNULeX3jieF8bKI4lVYOIj67pHBRemyfrBjA/StB8hkN jMSg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:subject:date:user-agent:cc:references :in-reply-to:mime-version:content-transfer-encoding:message-id; bh=SqIWAyRYicdY74vSavv90R6V0VF4N/QRt46Jo00pnZI=; b=L/95D+DnETRcX8Z754CXZrYT9L+u62l/AXwaNp+q+NjEPOgRBBG74ftVj+HosopnV4 nO8WTkKYl6ZFpKpt4FitmBWMOc8XzLwL/5rKw1PcwmH1bN7HOek/VP+OvAcW8SH7JNZb 93+bceOolr93LeWb/GjpNMYxD3FOKX1og2hnwRx6T65n73wVX84D5wjW7vRFGk9kVyAn V2DXO/hCXxXqdYCkphbHXGx2AtmRePbR5Af/9+HR2b0fHuNKGR2a331J/NZKzkSmoKEW Q7VkPVpwlNa1vyJdmQ3nMhmflabmZNhFRVLL2APH6PiFeLmWdW4+QI3B0jq+Y7XnPIfs QFzw==
X-Gm-Message-State: AE9vXwMhiVpXtFkVNkZvCxSRctL1aq8EQugcjG90uhyBiPooMQaJHe0rs5KYrZOMHCen3g==
X-Received: by 10.55.25.40 with SMTP id k40mr6642880qkh.230.1472585391012; Tue, 30 Aug 2016 12:29:51 -0700 (PDT)
Received: from dave-laptop.localnet (pool-71-185-27-22.phlapa.fios.verizon.net. [71.185.27.22]) by smtp.gmail.com with ESMTPSA id n55sm10095581qtb.11.2016.08.30.12.29.50 (version=TLS1 cipher=AES128-SHA bits=128/128); Tue, 30 Aug 2016 12:29:50 -0700 (PDT)
From: Dave Garrett <davemgarrett@gmail.com>
To: Xiaoyin Liu <xiaoyin.l@outlook.com>
Date: Tue, 30 Aug 2016 15:29:49 -0400
User-Agent: KMail/1.13.5 (Linux/2.6.32-74-generic-pae; KDE/4.4.5; i686; ; )
References: <201608301419.33620.davemgarrett@gmail.com> <CY1PR15MB077803AB565FB6CD20098CEAFFE00@CY1PR15MB0778.namprd15.prod.outlook.com>
In-Reply-To: <CY1PR15MB077803AB565FB6CD20098CEAFFE00@CY1PR15MB0778.namprd15.prod.outlook.com>
MIME-Version: 1.0
Content-Type: Text/Plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-Id: <201608301529.49488.davemgarrett@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/WhJdV3gIpgWrWdK8ZfZvViVxlbo>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] TLS 1.3 -> TLS 2.0?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Aug 2016 19:35:33 -0000

On Tuesday, August 30, 2016 02:36:51 pm Xiaoyin Liu wrote:
> I support this change as long as there is no technical change (version ID remains 0x0304).

To reiterate, I am also against changing the version ID. However, I do think it's worth updating the context string version number, otherwise it'd be a little unnecessarily confusing there. (trivial change to key derivation, but not wire format) I've also made a point to tweak references to the on-the-wire version value to refer to it as a "version ID" rather than just version, to make it very clear that this is really just an arbitrary codepoint and shouldn't be read as 3.4.

I've made the changes for a WIP branch, here (not a PR, as of yet):
https://github.com/tlswg/tls13-spec/compare/master...davegarrett:tls2rebranding

Going through the motions of doing the renaming now is useful to see if there's anything that is more affected than initially expected, such as the context strings having the version in there directly as a string (they're designed to be updated as-needed, so this shouldn't be a problem).


Dave