Re: [TLS] Next protocol negotiation

Adam Langley <> Wed, 20 January 2010 15:57 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 29A663A6A8E for <>; Wed, 20 Jan 2010 07:57:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -106.477
X-Spam-Status: No, score=-106.477 tagged_above=-999 required=5 tests=[AWL=-0.500, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id XCc0+RFZLl7F for <>; Wed, 20 Jan 2010 07:57:39 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 29C2A3A6A61 for <>; Wed, 20 Jan 2010 07:57:39 -0800 (PST)
Received: from ( []) by with ESMTP id o0KFvXXC005378 for <>; Wed, 20 Jan 2010 15:57:33 GMT
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed;; s=beta; t=1264003053; bh=4npLwODVK01doQzthGTTV4+RSvk=; h=MIME-Version:In-Reply-To:References:Date:Message-ID:Subject:From: To:Cc:Content-Type; b=AU17wxnx4uv/ytNYMrRxjZgTZow6XciUKVn4khkyb0vUADeqFrqVzWjtjqY+P4g9F myW5XJGFFocgIRuX5zBWA==
DomainKey-Signature: a=rsa-sha1; s=beta;; c=nofws; q=dns; h=mime-version:in-reply-to:references:date:message-id:subject:from:to: cc:content-type:x-system-of-record; b=aAW7gfvVvSPbZPq2RHGBaPFsKv7t0WqNqTj+CDcYieyXl3hPuaJ+scu6dZ76ROdCW M/xE6vczutErLzQrZo15A==
Received: from pzk34 ( []) by with ESMTP id o0KFvVuS008138 for <>; Wed, 20 Jan 2010 07:57:32 -0800
Received: by pzk34 with SMTP id 34so4058803pzk.11 for <>; Wed, 20 Jan 2010 07:57:31 -0800 (PST)
MIME-Version: 1.0
Received: by with SMTP id x39mr94232wfi.213.1264003051425; Wed, 20 Jan 2010 07:57:31 -0800 (PST)
In-Reply-To: <>
References: <> <> <> <>
Date: Wed, 20 Jan 2010 07:57:31 -0800
Message-ID: <>
From: Adam Langley <>
To: Nikos Mavrogiannopoulos <>
Content-Type: text/plain; charset="UTF-8"
X-System-Of-Record: true
Subject: Re: [TLS] Next protocol negotiation
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 20 Jan 2010 15:57:40 -0000

On Wed, Jan 20, 2010 at 7:39 AM, Nikos Mavrogiannopoulos
<> wrote:
> Ok now I see your point. However I still suggest solving issues at the
> appropriate layer, even that has some performance cost.

The appropriate layer for protocol disambiguation is TCP.
Unfortunately, this mechanism has stopped functioning for practical
purposes and we're aware that we aren't the only group facing this

Burning an additional round trip on protocol discovery is unacceptable
for us[1]. 200ms is a good round-trip time on a 3G network and the
nature of web content means that progressive discovery of additional
resources amplifies this delay.

Also, consider that without a suitable mechanism, we might be
condemning future protocols to forever limiting their initial
handshake to something that is HTTP compatible. We (Google) don't mind
putting in the work to make more fundamental changes but others,
perhaps, would choose not to for reasons of expediency, and would pay
this technical debt forever more.