Return-Path: <hanno@hboeck.de>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
 by ietfa.amsl.com (Postfix) with ESMTP id B093012DAD1
 for <tls@ietfa.amsl.com>; Wed, 20 Jul 2016 03:01:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level: 
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5
 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001]
 autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44])
 by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id W8WW-Q3tyEQU for <tls@ietfa.amsl.com>;
 Wed, 20 Jul 2016 03:01:36 -0700 (PDT)
Received: from zucker2.schokokeks.org (zucker2.schokokeks.org [178.63.68.90])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by ietfa.amsl.com (Postfix) with ESMTPS id 84C1212DA51
 for <tls@ietf.org>; Wed, 20 Jul 2016 03:01:36 -0700 (PDT)
Received: from pc1 ([::ffff:89.15.236.146])
 (AUTH: LOGIN hanno-default@schokokeks.org, TLS: TLSv1/SSLv3, 256bits,
 ECDHE-RSA-AES256-GCM-SHA384)
 by zucker.schokokeks.org with ESMTPSA; Wed, 20 Jul 2016 12:01:34 +0200
 id 0000000000000029.00000000578F4BFE.000079B8
Date: Wed, 20 Jul 2016 12:01:25 +0200
From: Hanno =?UTF-8?B?QsO2Y2s=?= <hanno@hboeck.de>
To: tls@ietf.org
Message-ID: <20160720120125.43f61155@pc1>
In-Reply-To: <2867948.pp4OFeU9TP@pintsize.usersys.redhat.com>
References: <20160718130843.0320d43f@pc1>
 <1735315.hXCMA8agXV@pintsize.usersys.redhat.com>
 <2867948.pp4OFeU9TP@pintsize.usersys.redhat.com>
X-Mailer: Claws Mail 3.13.2 (GTK+ 2.24.30; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature";
 boundary="=_zucker.schokokeks.org-31160-1469008894-0001-2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/fvGKW5fD-MYSKc0gAQY7NJKqsTk>
Subject: Re: [TLS] Thoughts on Version Intolerance
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working
 group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>,
 <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>,
 <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Jul 2016 10:01:44 -0000

This is a MIME-formatted message.  If you see this text it means that your
E-mail software does not support MIME-formatted messages.

--=_zucker.schokokeks.org-31160-1469008894-0001-2
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On Wed, 20 Jul 2016 11:20:46 +0200
Hubert Kario <hkario@redhat.com> wrote:

> so it looks to me like while we may gain a bit of compatibility by
> using extension based mechanism to indicate TLSv1.3,

Just quick: This was discussed yesterday, David Benjamin had an
interesting proposal, but it was largely met with resistance. So from
the WG discussion yesterday I had the impression that we will most
likely stay with the existing clienthello version mechanism. While that
will cause us more trouble, it's probably the cleaner option anyway. So
we definitely should continue investigating version intolerance and
tell people to fix their stuff.

I'm now also collecting some data and have some preliminary
suspicion on affected devices. My numbers roughly match yours that we
are in the more or less 3% area of 1.3 intolerance.

--=20
Hanno B=C3=B6ck
https://hboeck.de/

mail/jabber: hanno@hboeck.de
GPG: BBB51E42

--=_zucker.schokokeks.org-31160-1469008894-0001-2
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit
Content-Description: OpenPGP digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJXj0v1AAoJEKWIAHK7tR5CsggQAIK/nRF8MXxRzUEWejReCPHS
lKl2kMUTCDSvChbhoddN856+O4Ba70IfAbAL/ESxl6MJyKDW3TK3cRPPxIDGho5O
GfXH4wV/RWrsha2Y+KtR+bdpfwWQMyOyjCF7Yrk9/ipHjAk68MirIQ53p5bYanHp
RhXnGNvXq377uLkNAzFfnisYhEahGzXPusfbcG8pSHLFVxV9L0LlpAiR/+plMfVx
SglG8nHlw/7vDVD3SPnoMq1h1zGAXc4boY5diWj04WgoumirX5pOpx86QlJutL17
ekP/SXO5Zp/v8OV1/Fwn3gwi0iB+TUUcrSm3NBYzL3CI9NB7r9i1TYGZpCrH78G6
qhOVG/qJE8/r000ZctYAJmktHb9kBtj/LW4ehYtnMbv87WOr2KyiVDU2vA9peqH7
EluJ52YmuQtPM3X2pIUC8i7/st01G6dbu1+/gvb5MtlpaitEYu/t9lv5U/Gbgo16
YCX/B7lW2BfzMnPj9O2bUzXMAGDQ8Ow4nz+h7uRASacl+loSxu1R9LeS38vJ4Uwn
toGeiF3Sk9zJQXso6eZJus2Ulc6iF2Oa8rHX2PQo6kjc4J+32tYXxJmFmNgkdHqz
P8EzpPALF7R2cMKH+xFj9Jwkc5TezMmfRAOp7A7nsxgEwUXHBJlqaHVNbo3+3DwT
Vy2Vo1jk1s1RifNyvH6C
=xvlS
-----END PGP SIGNATURE-----

--=_zucker.schokokeks.org-31160-1469008894-0001-2--