Re: [TLS] TLS 1.3 -> TLS 2.0?

Andrei Popov <> Tue, 30 August 2016 18:33 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9BC3812D7C5 for <>; Tue, 30 Aug 2016 11:33:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.497
X-Spam-Status: No, score=-0.497 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, SUBJ_ALL_CAPS=1.506] autolearn=no autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id IncmttEALg7K for <>; Tue, 30 Aug 2016 11:33:11 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 43CD212D7BC for <>; Tue, 30 Aug 2016 11:33:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=P1mmn+4HfSjyXvQb2VYSWBv8vUtte1tDOE6d3KNZv98=; b=BJbbiGZGzWM798yfO1ZCze/tSUgh73a+e8A5JdPBeVqZuQ8YvCsOb/nH2zHrQpAS3PjYsqMNz5n9ndAEHOWZcRJ2P7K3D/3U6ld4ud0Czxcl4vdDI8Cs4fFUQcDgW1AJcmXBlrGarRQIstUSoT7KY9kTMOiI36GkHqoyNEy/qRo=
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384) id 15.1.599.9; Tue, 30 Aug 2016 18:33:07 +0000
Received: from ([]) by ([]) with mapi id 15.01.0599.010; Tue, 30 Aug 2016 18:33:07 +0000
From: Andrei Popov <>
To: Dave Garrett <>, "" <>
Thread-Topic: [TLS] TLS 1.3 -> TLS 2.0?
Thread-Index: AQHSAusYjJy9RihUK02VuirsRGaRIKBh0wSg
Date: Tue, 30 Aug 2016 18:33:05 +0000
Message-ID: <>
References: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
authentication-results: spf=none (sender IP is );
x-originating-ip: [2001:4898:80e8:9::1d2]
x-ms-office365-filtering-correlation-id: 13ea3ae4-a800-4a38-c7b1-08d3d104163c
x-microsoft-exchange-diagnostics: 1; CY1PR0301MB0842; 6:uok8E64kBmyP5LyKcQfesok0FrLSByyWer0MgFRNKFMctPKSTTVMQS4+HPKnoJVTXmW6W3s1KyeKaDme8SpcimwdqNSuq25VEE9anYwbTRthYJrEFa1Ge6oRyk4AEfDQiFqJhR7188eqnJe4Ms8rCU+IngvDtGG1LY8Y4FWsXAINew37qH9nB+ynxdLtod6Qcd9Wf+KKRDV3Kr1We9wjMxfbe7/kPfc7qhGk5hFGYyj5QiPcGNcr0A7yQELuGMCnvcT0msUmxedEVHybTxoEXPll7MZkLlG+cT+6BdIGNEjNx/v3Ldr4GAX69zvFqe/2VjOmqEBjmdUzWxrwaAFo1Q==; 5:HTrFwd/UnUhdgE/rh3KMmPAMVP90yt4SQfbx5IlR/iAxk7X4eVgRkeyYwTgVzhVGQ30jAJfADFa1w2f5gTiO+GPPg2MXb9dV0NE9eS+/x6gQ8cWlTKKTa/UiDdTVu8ZOaSiZYF13rNfujMARjl8OrA==; 24:3xQaMM9iRBjit/F58z0vJuPHfEeYU2cN9sFT9zP0rVnz0zFFG4sJQg9OpO/izLemSrj99eMmAd5oLG9YGK4t4dq2xG8wc6BDOOiry8OJkYw=; 7:ONcQFvn+I3OGJW0Srxnarm93eqnh5GSuoJ5hceYKXHKdOJj91KanPhOtqfu+lp49+8uYloDAsmZzcl19szS/W9q/DmG6NKhVW+1WTQSnKEcvj6UpmlG12wb5j0AnlJ10XLV+sb+vyGGTVR9olzrPrSdu79bYlbmLhU9mrIZtRBgex1Y2kg+x+WTBW1mCsHv46PFW85TFoklaej4Hvs9CZWgnyD1A+GdGpIeSwXDu6TyQDR+I21TYlLtMhEYeXSRM
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR0301MB0842;
x-microsoft-antispam-prvs: <>
x-exchange-antispam-report-test: UriScan:(192374486261705);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(6040176)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026)(61426038)(61427038); SRVR:CY1PR0301MB0842; BCL:0; PCL:0; RULEID:; SRVR:CY1PR0301MB0842;
x-forefront-prvs: 0050CEFE70
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(7916002)(377454003)(13464003)(199003)(189002)(5002640100001)(76576001)(122556002)(6116002)(77096005)(86362001)(15975445007)(102836003)(2501003)(5660300001)(107886002)(106356001)(5001770100001)(586003)(3280700002)(19580405001)(2906002)(97736004)(189998001)(2950100001)(92566002)(8936002)(2900100001)(19580395003)(5005710100001)(105586002)(87936001)(86612001)(10290500002)(33656002)(50986999)(101416001)(106116001)(8990500004)(7846002)(54356999)(305945005)(74316002)(10400500002)(76176999)(7696003)(9686002)(7736002)(10090500001)(3660700001)(68736007)(81156014)(99286002)(8676002)(81166006)(11100500001)(561944003)(3826002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY1PR0301MB0842;; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None ( does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Aug 2016 18:33:05.5384 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR0301MB0842
Archived-At: <>
Subject: Re: [TLS] TLS 1.3 -> TLS 2.0?
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 30 Aug 2016 18:33:12 -0000

This proposal makes a lot of sense to me. I've had numerous conversations explaining to folks that TLS 1.3 is really TLS 2.0.



-----Original Message-----
From: TLS [] On Behalf Of Dave Garrett
Sent: Tuesday, August 30, 2016 11:20 AM
Subject: [TLS] TLS 1.3 -> TLS 2.0?

I occasionally see people ask why we're calling it TLS 1.3 when so much has changed, and I used to simply think that it was too bikesheddy to bother changing at this point. However, now that we've redone negotiation, we have new TLS 1.3+ only cipher suites. The old are not compatible with the new (new codepoints needed for old ciphers) and the new are not backwards compatible with the old (they'll just be ignored). We actually risk misconfiguration in the future if the distinction isn't made clear. I think it's time we just renamed TLS 1.3 to TLS 2.0. There are major changes, so labeling it a major version seems more appropriate.

Note that contrary to what some people seem to think, version numbers are not completely without meaning. To someone who doesn't really know/care that much what TLS is, making sure to use the latest major version of a security protocol carries more weight than a minor version. It also makes it clear that there are new features here (e.g. 0-RTT). There's some de facto standardization in versioning which does carry some useful information. We're not just dealing with programmers here; this stuff needs to be clear for managers and non-professionals. If we want to get everyone upgraded eventually, messaging is important.

Specific proposed changes:
* Mass rename TLS 1.3 to TLS 2.0 in all places (or TLS 2)
* Keep the version ID as { 3, 4 } (already weird counting; changing risks more intolerance)
* Rename the new cipher suites to have a "TLS2_" prefix to be less confusing for the registry & end configuration
* Add a sentence noting the development history here, and that all documents that refer to TLS 1.3 refer to TLS 2.0 (e.g. HTTP/2)

This is a relatively simple set of changes to make that I think can be beneficial in the long run, and is essentially just editorial. Rebranding might not be something everyone really wants to bother with, but if we expect this to be in use for a decade or more (whether we like it or not), we should probably make sure to be as clear as possible at the start.


TLS mailing list