On Tuesday, January 12, 2016 09:03:53 am Peter Gutmann wrote:
> Martin's comment reminded me of the following that I've been meaning to
> post...
> 
> In a recent discussion among some crypto folks, the topic of what TLS 1.3
> could be came up.  Now by TLS 1.3 I mean TLS 1.3 as a simple upgrade path from
> TLS 1.2, not the TLS 2.0-called-TLS 1.3 that it currently is.  The discussion
> centered around the fact that we already have lots of analysis done for TLS
> 1.x, and it's not too hard to create a TLS 1.3 that fixes the TLS < 1.3
> problems while being as compatible as possible with existing infrastructure.
> So what this would do is take existing security analysis applied to TLS,
[...]

Welcome to the TLS 1.2.1 proposal club. Unfortunately, we don't have snacks.

I'll be the bearer of bad news and tell you that your proposal has come up in 
multiple forms. I suggested a similar thing a while back and, far before me, 
others have as well. The chairs have, however, long declared consensus that we 
want to focus on a single new version not leaving out other more complex 
changes, namely latency improvements. The primary argument is that TLS version 
adoption rates are horrible and we would be far better suited to one major 
upgrade rather than incremental changes that would likely inhibit adoption of 
the more complex changes that we also need. (just a quick summary from my view; 
someone else can chime in here if they need to)

I can't dispute this position, though personally I think it's not the best 
move. That said, if we were going to do a more incremental TLS version, doing 
it alongside HTTP/2 to avoid the messy TLS restrictions it ended up with would 
have been the way to go. That ship has sailed, and we're now well into TLS 1.3 
development, so I guess I'm now on board with working to finalize the work that 
we're already doing (frankly, with a rename to TLS 2.0 being a good idea). If 
you can somehow drum up consensus to overturn the previous consensus, more 
power to you, but I think that's not likely to be the best route anymore.


Dave

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls