Re: [TLS] TLS 1.3 -> TLS 2.0?

Xiaoyin Liu <xiaoyin.l@outlook.com> Wed, 31 August 2016 09:35 UTC

From: Xiaoyin Liu <xiaoyin.l@outlook.com>
To: Hubert Kario <hkario@redhat.com>
Date: Wed, 31 Aug 2016 09:35:47 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/gQvPPavvtlHPHFK3LSFhshFJ3rs>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] TLS 1.3 -> TLS 2.0?

> From: Hubert Kario [mailto:hkario@redhat.com]
> Sent: Wednesday, August 31, 2016 4:48 AM
> To: Xiaoyin Liu <xiaoyin.l@outlook.com>
> Cc: tls@ietf.org
> Subject: Re: [TLS] TLS 1.3 -> TLS 2.0?
> 
> On Tuesday, 30 August 2016 22:20:45 CEST Xiaoyin Liu wrote:
> > > -----Original Message-----
> > > From: TLS [mailto:tls-bounces@ietf.org] On Behalf Of Hubert Kario
> > > Sent: Tuesday, August 30, 2016 4:14 PM
> > > To: tls@ietf.org
> > > Subject: Re: [TLS] TLS 1.3 -> TLS 2.0?
> > >
> > > On Tuesday, 30 August 2016 14:19:33 CEST Dave Garrett wrote:
> > >
> > > > * Keep the version ID as { 3, 4 } (already weird counting;
> > > > changing risks more intolerance)
> > >
> > >
> > > IMNSHO this alone is enough of a reason not to do this
> > >
> > > it's enough explaining to people that SSLv3.3 is really TLSv1.2, now
> > > we'll have SSLv3.4 == TLSv1.3 == TLSv2.0
> >
> >
> > I don't think this is a problem. People will forget "TLS 1.3" and will
> > only remember "TLS 2.0" after some time.
> 
> well, that's not the experience of our support engineers, people still confuse
> SSLv3 with TLSv<any>

It's normal that people confuse SSLv3 with TLS. SSL 3.0 was a released and widely deployed protocol, and the term "SSL" is still widely used today to refer to TLS. But the situation is much better if we rename TLS 1.3: the TLS 1.3 spec has not been released, it is not supported by any non-testing clients or servers, and there are not many documents, papers or blogs mentioning TLS 1.3. This is why I said "TLS 1.3" is similar to "Windows 9" in terms of naming.

> if the WG really wants a TLSvX.0 name, the X really should be bigger than 3
> 

Well, I prefer TLS 2.0, because it sounds more natural that major version 2 comes after major version 1. But TLS {>3}.0 is also fine with me, if the WG thinks people may get confused between SSL 2.0 and TLS 2.0.

Xiaoyin