Re: [TLS] A new consensus call on ALPN vs NPN (was ALPN concerns)

Bill Frantz <frantz@pwpconsult.com> Wed, 11 December 2013 19:14 UTC

Date: Wed, 11 Dec 2013 11:14:17 -0800
From: Bill Frantz <frantz@pwpconsult.com>
To: tls@ietf.org
In-Reply-To: <87ob4o1dbd.fsf@alice.fifthhorseman.net>
Message-ID: <r422Ps-1075i-15B42E388C15419DB07EA02DD7439CA7@Williams-MacBook-Pro.local>
Subject: Re: [TLS] A new consensus call on ALPN vs NPN (was ALPN concerns)

From the desires people are putting into tls 1.3 perhaps we are 
actually talking about tls 2.0.

We should not insist that a client using the new protocol be 
able to connect to a tls 1.2 server (or below) as a result of 
tls level negotiation. The fallback mechanisms in most browsers 
can cover that need. The extra design freedom will allow us to 
easily encrypt data that was previously sent in the clear 
without worrying about backward compatibility.

We may find the resulting simplicity a clear win.

I would be delighted to be wrong and see a simple tls 1.3 negotiation.

Cheers - Bill

-----------------------------------------------------------------------
Bill Frantz        | Concurrency is hard. 12 out  | Periwinkle
(408)356-8506      | 10 programmers get it wrong. | 16345 Englewood Ave
www.pwpconsult.com |                - Jeff Frantz | Los Gatos, CA 95032
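As an added illustration, not part of Bill's message and not code from any TLS implementation, the Python toy below contrasts the two compatibility routes the message weighs: letting the server pick a common version inside the TLS handshake, versus having the client reconnect with a lower version after a failed attempt (the browser fallback the message proposes to rely on). It also shows the caveat a practitioner would raise about the fallback route: an attacker who can make the first connection fail can push both ends down to the older version unless the retry is marked. The integer version identifiers, the `Server` class, the `negotiates` switch and the `fallback` flag on the hello are all simplifications assumed for this model, not wire formats.

```python
"""Toy model of TLS-level version negotiation versus client-side fallback.

Added illustration only. Version numbers, the Server class and the
`fallback` marker are simplifications invented for this example; they are
not the TLS wire encoding or any real implementation.
"""
from dataclasses import dataclass

# Illustrative version identifiers; not the on-the-wire encoding.
TLS_1_1, TLS_1_2, TLS_1_3 = 11, 12, 13


class HandshakeFailure(Exception):
    pass


@dataclass(frozen=True)
class ClientHello:
    max_version: int        # highest version the client offers this time
    fallback: bool = False  # set when this hello is a retry after a failure


class Server:
    def __init__(self, supported, negotiates=True):
        self.supported = frozenset(supported)
        # negotiates=False models a server that only accepts an exact version
        # match, i.e. no TLS-level negotiation across the old/new boundary.
        self.negotiates = negotiates

    def accept(self, hello):
        """Return the version this server agrees to, or raise HandshakeFailure."""
        lower = [v for v in self.supported if v <= hello.max_version]
        if self.negotiates and lower:
            chosen = max(lower)           # TLS-level negotiation: best common version
        elif hello.max_version in self.supported:
            chosen = hello.max_version    # exact match only
        else:
            raise HandshakeFailure("no acceptable version")
        if hello.fallback and max(self.supported) > chosen:
            # The client says it is retrying lower, but this server would have
            # accepted something newer, so the earlier failure was not a
            # version problem: refuse the downgrade.
            raise HandshakeFailure("inappropriate fallback")
        return chosen


def connect_with_fallback(server, versions, network=None, signal_fallback=False):
    """Client-side fallback: offer each version in turn, reconnecting on failure.

    `network` optionally transforms or drops (returns None) each hello, so a
    caller can stand in for an active attacker on the path. Returns
    (version, attempts); version is None when every attempt failed.
    """
    attempts = []
    for i, v in enumerate(versions):
        attempts.append(v)
        hello = ClientHello(max_version=v, fallback=signal_fallback and i > 0)
        if network is not None:
            hello = network(hello)
        if hello is None:
            continue                      # connection never completed; try lower
        try:
            return server.accept(hello), attempts
        except HandshakeFailure:
            continue
    return None, attempts


def drop_new_versions(hello):
    """Constructed attacker: kills any connection that offers TLS_1_3."""
    return None if hello.max_version == TLS_1_3 else hello


def run_scenarios():
    old_negotiating = Server({TLS_1_1, TLS_1_2})
    old_strict = Server({TLS_1_1, TLS_1_2}, negotiates=False)
    new_server = Server({TLS_1_2, TLS_1_3})
    return {
        # TLS-level negotiation: one connection, the old server picks 1.2.
        "negotiated": connect_with_fallback(old_negotiating, [TLS_1_3]),
        # New-protocol client, old server, no negotiation and no fallback: fails.
        "no_fallback": connect_with_fallback(old_strict, [TLS_1_3]),
        # Same pair, but the client falls back: 1.2 on the second connection.
        "fallback": connect_with_fallback(old_strict, [TLS_1_3, TLS_1_2]),
        # Caveat: both ends speak 1.3, yet an attacker who drops the first
        # attempt lands the unmarked fallback on 1.2.
        "downgraded": connect_with_fallback(
            new_server, [TLS_1_3, TLS_1_2], network=drop_new_versions),
        # Marking the retry lets the server refuse the forced downgrade.
        "refused": connect_with_fallback(
            new_server, [TLS_1_3, TLS_1_2], network=drop_new_versions,
            signal_fallback=True),
    }


if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(f"{name:12s} -> version={result[0]} attempts={result[1]}")
```

The `fallback` marker on the retry plays the role that the TLS_FALLBACK_SCSV of RFC 7507 later standardized for real clients: without it, the "downgraded" scenario succeeds silently, which is the price of moving version compatibility out of the handshake and into reconnect logic.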