The largest number of users have the least amount of information, and they see version numbers as part of various user interfaces. It's clear how they will be inclined to guess 3>1.3>1.2>1.1>1.0 (very bad) but 4>3>1.2>1.1>1.0 (eliminating the problem as soon as 4 is supported).

We've all heard anecdotes of 3>1.2>1.1>1.0 disasters. Even if this type of disaster happens to only 1% of site administrators, it strikes me as more important for security than any of the arguments that have been given for "TLS 1.3". So I would prefer "TLS 4".

Yes, sure, we can try to educate people that TLS>SSL (but then we're fighting against tons of TLS=SSL messaging), or educate them to use server-testing tools (so that they can fix the problem afterwards---but I wonder whether anyone has analyzed the damage caused by running SSLv3 for a little while before switching the same keys to a newer protocol), and hope that this education fights against 3>1.3 more effectively than it fought against 3>1.2. But it's better to switch to a less error-prone interface that doesn't require additional education in the first place.

---Dan

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls