Re: [TLS] [Cfrg] 3DES diediedie

David McGrew (mcgrew) writes: >See for instance slides 8 and 9 of Daniel Shumow's talk at NIST’s LWC >workshop last year: >http://csrc.nist.gov/groups/ST/lwc-workshop2015/presentations/session4-shumow.pdf So looking at slide 6 from that, the first four systems he lists are desktop PCs (in all bu

Re: [TLS] [Cfrg] 3DES diediedie

Jon Callas writes: >Current cryptographic standards work for IoT That's only if you use the circular argument that IoT is defined to be whatever can run DTLS (or whatever you take as "current cryptographic standards", the slides mention DTLS). An yeah, I can then define my IoT to be "whatever c

Re: [TLS] [Cfrg] 3DES diediedie

Hi Peter, On 8/30/16, 5:41 AM, "Peter Gutmann" wrote: >David McGrew (mcgrew) writes: > >>See for instance slides 8 and 9 of Daniel Shumow's talk at NIST’s LWC >>workshop last year: >>http://csrc.nist.gov/groups/ST/lwc-workshop2015/presentations/session4-shumow.pdf > >So looking at slide 6 fro

[TLS] TLS 1.3 -> TLS 2.0?

I occasionally see people ask why we're calling it TLS 1.3 when so much has changed, and I used to simply think that it was too bikesheddy to bother changing at this point. However, now that we've redone negotiation, we have new TLS 1.3+ only cipher suites. The old are not compatible with the ne

Re: [TLS] TLS 1.3 -> TLS 2.0?

This proposal makes a lot of sense to me. I've had numerous conversations explaining to folks that TLS 1.3 is really TLS 2.0. Cheers, Andrei -Original Message- From: TLS [mailto:tls-boun...@ietf.org] On Behalf Of Dave Garrett Sent: Tuesday, August 30, 2016 11:20 AM To: tls@ietf.org Subj

Re: [TLS] TLS 1.3 -> TLS 2.0?

I support this change as long as there is no technical change (version ID remains 0x0304). Best, Xiaoyin From: Dave Garrett Sent: Tuesday, August 30, 2016 2:19 PM To: tls@ietf.org Subject: [TLS] TLS 1.3 -> TLS 2.0? I occasionally see peop

Re: [TLS] TLS 1.3 -> TLS 2.0?

On Tuesday, August 30, 2016 02:36:51 pm Xiaoyin Liu wrote: > I support this change as long as there is no technical change (version ID > remains 0x0304). To reiterate, I am also against changing the version ID. However, I do think it's worth updating the context string version number, otherwise

Re: [TLS] TLS 1.3 -> TLS 2.0?

On Tuesday, 30 August 2016 14:19:33 CEST Dave Garrett wrote: > * Keep the version ID as { 3, 4 } (already weird counting; changing risks > more intolerance) IMNSHO this alone is enough of a reason not to do this it's enough explaining to people that SSLv3.3 is really TLSv1.2, now we'll have SSL

Re: [TLS] TLS 1.3 -> TLS 2.0?

I'm also very supportive for the reasons you outline. However, I think we should consider calling it TLS 4 or TLS 4.0 or TLS 5. In particular, much of the non-technical audience still calls it "SSL" (pet peeve of many of us, I suspect) and having a version number clearly greater than SSLv3 and no

Re: [TLS] TLS 1.3 -> TLS 2.0?

On 30/08/16 21:14, Hubert Kario wrote: On Tuesday, 30 August 2016 14:19:33 CEST Dave Garrett wrote: * Keep the version ID as { 3, 4 } (already weird counting; changing risks more intolerance) IMNSHO this alone is enough of a reason not to do this it's enough explaining to people that SSLv3.3

Re: [TLS] TLS 1.3 -> TLS 2.0?

> -Original Message- > From: TLS [mailto:tls-boun...@ietf.org] On Behalf Of Hubert Kario > Sent: Tuesday, August 30, 2016 4:14 PM > To: tls@ietf.org > Subject: Re: [TLS] TLS 1.3 -> TLS 2.0? > > On Tuesday, 30 August 2016 14:19:33 CEST Dave Garrett wrote: > > * Keep the version ID as { 3, 4

[TLS] Issue 588: Code point assignment for ticket_early_data_info

https://github.com/tlswg/tls13-spec/issues/588 I neglected to assign a code point for this in draft-15. I note, however, that we currently have it occupying a different code point space than hello extensions. I am sort of wondering if it would be more useful for them to be in the same space. Proba

Re: [TLS] TLS 1.3 -> TLS 2.0?

On Tue, 2016-08-30 at 14:19 -0400, Dave Garrett wrote: > I occasionally see people ask why we're calling it TLS 1.3 when so > much has changed, and I used to simply think that it was too > bikesheddy to bother changing at this point. However, now that we've > redone negotiation, we have new TLS 1.3

Re: [TLS] TLS 1.3 -> TLS 2.0?

Dave Garrett writes: >I think it's time we just renamed TLS 1.3 to TLS 2.0. There are major >changes, so labeling it a major version seems more appropriate. > >[...] +1 to all of this. As people on the list know, I've been calling it "TLS 2.0-called-1.3" for a long time now. It really is a ne