Re: [TLS] "Draft Version" extension

Eric Rescorla <ekr@rtfm.com> Mon, 11 August 2014 17:27 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 046DC1A045E for <tls@ietfa.amsl.com>; Mon, 11 Aug 2014 10:27:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dwqMQnZnI3_7 for <tls@ietfa.amsl.com>; Mon, 11 Aug 2014 10:27:02 -0700 (PDT)
Received: from mail-wg0-f47.google.com (mail-wg0-f47.google.com [74.125.82.47]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9E4971A0037 for <tls@ietf.org>; Mon, 11 Aug 2014 10:27:02 -0700 (PDT)
Received: by mail-wg0-f47.google.com with SMTP id b13so8653355wgh.6 for <tls@ietf.org>; Mon, 11 Aug 2014 10:27:01 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=vsfDBdv3lN3NkOMznYJUzpdF+8nXBGGccNl1p0UCLHA=; b=Sy1YOo6m2c8YkkPyoiMDJSZSvLjUhzr1QIZzlDKE98pQt7k2ArNsaAVclPAqBEzx5A vK+89Tyk47eoZ0W+xtkefCXiMEh7yraQM8hfcANHktJPZgyd0TVJB0sz4/jNHyxFpjk9 QxYsABMK1m0dapMVeB6WTRR+s5oH0cO5+/GzCbppXQFG0N7n3JakoHHZW7vknVTFi3t5 uvIEgApu0iSeqZ7mCRny9p7cWMztw1o0Snz6Y0uGIoRRVeAzrSvod9YgukYfHSETAxat IMNcpn682Fn3ft8895gZXH69zFzlJRh4zN3u4jdc000jOUTs4Te/Sdzm1RiZ4fQlOol+ CW0g==
X-Gm-Message-State: ALoCoQnlcQSCbIKn5Z/gP4A1UyoJILq641nxGEck06abiJLK7s0rN1418yUUesZDtHJPujnbqWcn
X-Received: by 10.180.186.3 with SMTP id fg3mr20754458wic.78.1407778021024; Mon, 11 Aug 2014 10:27:01 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.217.128.12 with HTTP; Mon, 11 Aug 2014 10:26:20 -0700 (PDT)
X-Originating-IP: [2620:101:80fc:232:6049:62d9:3779:ea46]
In-Reply-To: <CACsn0ck7KKcRYJfCeXJkKD_bp=j5X3EPyw6MNKb94ywK8sYUsA@mail.gmail.com>
References: <CABcZeBN_Pi+6Bythe98VaVL09afZzdM8rB8weEZUkzmpk5nmmA@mail.gmail.com> <CACsn0ck7KKcRYJfCeXJkKD_bp=j5X3EPyw6MNKb94ywK8sYUsA@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Mon, 11 Aug 2014 10:26:20 -0700
Message-ID: <CABcZeBO4iLjJ3kibAK3SFCRgggN1Ca9JdCR_3i4ROXr+v64W9g@mail.gmail.com>
To: Watson Ladd <watsonbladd@gmail.com>
Content-Type: multipart/alternative; boundary=001a11c26aceddbe1105005ddc75
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/hsEvAGJ3cS-Z2J2A2T6oBOqjHT4
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] "Draft Version" extension
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Aug 2014 17:27:04 -0000

On Mon, Aug 11, 2014 at 10:15 AM, Watson Ladd <watsonbladd@gmail.com> wrote:

>
> On Aug 11, 2014 9:55 AM, "Eric Rescorla" <ekr@rtfm.com> wrote:
> >
> > Experience with HTTP 2 has shown that it's convenient to be able to
> > distinguish which draft version you're implementing so you don't end
> > worrying about interop between various I-D versions. Accordingly,
> > for TLS 1.3 I'd like to define a temporary extension that indicates which
> > TLS 1.3 draft it implements. The idea here is that the client would
> signal
> > TLS 1.3 and then "draft 3" and the server would only negotiate 1.3 if
> > it had a compatible draft. Otherwise it would fall back to TLS 1.2.
>
> How would the server negotiate v2 vs v3?
>

You negotiate TLS 1.2 versus TLS 1.3 via the usual mechanism, I.e., the
version
in the ClientHello.

-Ekr