Re: [TLS] TLS 1.3 process
Peter Gutmann <pgut001@cs.auckland.ac.nz> Fri, 28 March 2014 03:32 UTC
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/_hPOgqVoQuSCfdt6hxsQNnpURW4
Trevor Perrin <trevp@trevp.net> writes:

>* The WG chairs continue to encourage discussion of goals and design
>alternatives for TLS 1.3. However, the WG holds off from making binding
>decisions regarding TLS 1.3.
>
>* The WG encourages interested parties to submit proposals for TLS 1.3.
>
>* In X months time (4-6?), the WG chooses which proposal to adopt as the base
>for TLS 1.3, and works to improve it for publication.

+1. I haven't said much so far because it seems the 1.3 effort is making steady progress towards the design-by-committee mess that made IKEv1/IPsec such a winner, but I would much prefer the approach of "set boundaries, people have six months to submit designs, and then a bake-off".

TLS 1.2, which seemed to consist mostly of gratuitous tweaking of 1.1, has taken years to see any uptake (SSL Pulse says about 30%, only slightly above SSLv2, and that's for the Alexa top 200K, not the entire net, which I'd expect to be far worse than that), if 1.3 is even more of 1.2 then who knows how long that'll take before we see any real uptake.

In fact I'd be prepared to argue that any work on TLS 1.3 or 2 or whatever it's going to be is premature when the vast majority of the net doesn't even do TLS 1.1 yet, let alone 1.2. What we'll end up with is a bunch of major sites doing it and, over a period of several years, browsers gradually introducing support (Firefox took what, five years?). So if the history of TLS 1.1/1.2 is anything to go by, anything we standardise now may start seeing significant deployment in about the 2020-2025 time frame.

Peter.