Re: [TLS] TLS 1.3 process

Peter Gutmann <> Fri, 28 March 2014 03:32 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id C67451A0046 for <>; Thu, 27 Mar 2014 20:32:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id anlRrIv6U6FX for <>; Thu, 27 Mar 2014 20:32:29 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id E69871A07C7 for <>; Thu, 27 Mar 2014 20:32:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;;; q=dns/txt; s=uoa; t=1395977547; x=1427513547; h=from:to:subject:date:message-id: content-transfer-encoding:mime-version; bh=HQiJ/a3l18iWDk6fkKsP0XQXET4pfMzdGsteW6NJkZs=; b=nXQWjo9K/T90tPqzpsl3kIgJXokxJqgcFPwJDyCxrxC9CQ0fRNeTFigi IKFw/MR3GLZJy8I9nLiQunyFX/eKGv3H/25We7A+BWZi/YuHsJ73TIjFr 62FNuNbT9qyoGxb+g2JJyJDLGujfsabAd2Lsov7U/glccL6pFg56egaNl Y=;
X-IronPort-AV: E=Sophos;i="4.97,747,1389697200"; d="scan'208";a="243355557"
X-Ironport-Source: - Outgoing - Outgoing
Received: from ([]) by with ESMTP/TLS/AES128-SHA; 28 Mar 2014 16:32:25 +1300
Received: from ([]) by ([]) with mapi id 14.03.0174.001; Fri, 28 Mar 2014 16:32:25 +1300
From: Peter Gutmann <>
To: "<>" <>
Thread-Topic: [TLS] TLS 1.3 process
Thread-Index: Ac9KNlWvN1Mk4NC+SlegrqcqK4PFzw==
Date: Fri, 28 Mar 2014 03:32:24 +0000
Message-ID: <>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [TLS] TLS 1.3 process
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 28 Mar 2014 03:32:35 -0000

Trevor Perrin <> writes:

>* The WG chairs continue to encourage discussion of goals and design
>alternatives for TLS 1.3.  However, the WG holds off from making binding
>decisions regarding TLS 1.3.
>* The WG encourages interested parties to submit proposals for TLS 1.3.
>* In X months time (4-6?), the WG chooses which proposal to adopt as the base
>for TLS 1.3, and works to improve it for publication.

+1.  I haven't said much so far because it seems the 1.3 effort is making
steady progress towards the design-by-committee mess that make IKEv1/IPsec
such a winner, but I would much prefer the approach of "set boundaries, people
have six months to submit designs, and then a bake-off".  TLS 1.2, which
seemed to consist mostly of gratuitous tweaking of 1.1, has taken years to see
any uptake (SSL Pulse says about 30%, only slightly above SSLv2, and that's
for the Alexa top 200K, not the entire net, which I'd expect to be far worse
than that), if 1.3 is even more of 1.2 then who knows how long that'll take
before we see any real uptake.

In fact I'd be prepared to argue that any work on TLS 1.3 or 2 or whatever
it's going to be is premature when the vast majority of the net doesn't even
do TLS 1.1 yet, let alone 1.2.  What we'll end up with is a bunch of major
sites doing it and, over a period of several years, browsers gradually
introducing support (Firefox took what, five years?).  So if the history of
TLS 1.1/1.2 is anything to go by, anything we standardise now may start
seeing significant deployment in about the 2020-2025 time frame.