Re: [TLS] TLS 1.3 process

t.petch <ietfc@btconnect.com> Fri, 28 March 2014 10:24 UTC


----- Original Message -----
From: "Peter Gutmann" <pgut001@cs.auckland.ac.nz>
To: <tls@ietf.org>
Sent: Friday, March 28, 2014 3:32 AM
> Trevor Perrin <trevp@trevp.net> writes:
>
<snip>
> +1.  I haven't said much so far because it seems the 1.3 effort is making
> steady progress towards the design-by-committee mess that makes IKEv1/IPsec
> such a winner, but I would much prefer the approach of "set boundaries, people
> have six months to submit designs, and then a bake-off".  TLS 1.2, which
> seemed to consist mostly of gratuitous tweaking of 1.1, has taken years to see
> any uptake (SSL Pulse says about 30%, only slightly above SSLv2, and that's
> for the Alexa top 200K, not the entire net, which I'd expect to be far worse
> than that), if 1.3 is even more of 1.2 then who knows how long that'll take
> before we see any real uptake.
>
> In fact I'd be prepared to argue that any work on TLS 1.3 or 2 or whatever
> it's going to be is premature when the vast majority of the net doesn't even
> do TLS 1.1 yet, let alone 1.2.  What we'll end up with is a bunch of major
> sites doing it and, over a period of several years, browsers gradually
> introducing support (Firefox took what, five years?).  So if the history of
> TLS 1.1/1.2 is anything to go by, anything we standardise now may start
> seeing significant deployment in about the 2020-2025 time frame.

True, but I see another requirement on the TLS WG.  As and when we
become aware of a new and credible threat, then we should develop a
counter for it so that when disaster strikes some part of the Internet
as a result of an attack based on the threat, we can say, 'Here is the
solution, go implement'.

Tom Petch

>
> Peter.