Re: [TLS] This working group has failed

Ralph Holz <holz@net.in.tum.de> Sat, 16 November 2013 19:36 UTC

Return-Path: <holz@net.in.tum.de>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A41611E817C for <tls@ietfa.amsl.com>; Sat, 16 Nov 2013 11:36:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.902
X-Spam-Level:
X-Spam-Status: No, score=0.902 tagged_above=-999 required=5 tests=[BAYES_20=-0.74, HELO_EQ_DE=0.35, MISSING_HEADERS=1.292]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3TuF+IneWyKZ for <tls@ietfa.amsl.com>; Sat, 16 Nov 2013 11:35:57 -0800 (PST)
Received: from smtp.serverkommune.de (serverkommune.de [176.9.61.43]) by ietfa.amsl.com (Postfix) with ESMTP id 72C2C11E8123 for <tls@ietf.org>; Sat, 16 Nov 2013 11:35:57 -0800 (PST)
Received: by smtp.serverkommune.de (Postfix, from userid 5001) id 6575B80975; Sat, 16 Nov 2013 20:35:54 +0100 (CET)
Received: from [131.159.20.131] (ex6.serverkommune.de [176.9.61.43]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.serverkommune.de (Postfix) with ESMTPSA id 1444880374 for <tls@ietf.org>; Sat, 16 Nov 2013 20:35:49 +0100 (CET)
Message-ID: <5287C95A.20906@net.in.tum.de>
Date: Sat, 16 Nov 2013 20:36:58 +0100
From: Ralph Holz <holz@net.in.tum.de>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0
MIME-Version: 1.0
CC: tls@ietf.org
References: <CACsn0c=i2NX2CZ=Md2X+WM=RM8jAysaenz6oCxmoPt+LC5wvjA@mail.gmail.com> <6.2.5.6.2.20131116065610.0c538678@resistor.net>
In-Reply-To: <6.2.5.6.2.20131116065610.0c538678@resistor.net>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: clamav-milter 0.97.8 at ex6
X-Virus-Status: Clean
Subject: Re: [TLS] This working group has failed
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 16 Nov 2013 19:36:23 -0000

Hi,

> It is well-known that TLS 1.2 was not getting deployed.  There are two
> libraries which are widely used.  If one of them does not support TLS

FWIW: When we recently scanned IPv4 with a standard openssl, we found
about 33M hosts that supported SSL3 or higher, and 14% of them accepted
our offer of TLSv1.2.

Ralph

-- 
Ralph Holz
I8 - Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/
Phone +49.89.289.18043
PGP: A805 D19C E23E 6BBB E0C4  86DC 520E 0C83 69B0 03EF