It seems like TLS 2 and TLS 2.0 have very little support, so it's really just deciding between:
TLS 1.3
TLS 4 (or maybe 4.0)

I'll just amplify Rich's and djb's points by noting that the cost of switching away from TLS 1.3 really only affects a very small number of people -- really just the people in and around this WG. There is a much, much larger universe of people who will make deployment and implementation decisions, with varying attention span and degrees of skill, and I think they're best served with a clean start of an unambiguous version number. Just because it feels uncomfortable to us doesn't mean it will feel uncomfortable to the larger technical/enterprise community who don't really *care* about the versioning scheme, they just need to make some decisions and move on.

-- Eric

On Fri, Nov 18, 2016 at 1:07 PM, D. J. Bernstein <d...@cr.yp.to> wrote:

> The largest number of users have the least amount of information, and
> they see version numbers as part of various user interfaces. It's clear
> how they will be inclined to guess 3>1.3>1.2>1.1>1.0 (very bad) but
> 4>3>1.2>1.1>1.0 (eliminating the problem as soon as 4 is supported).
>
> We've all heard anecdotes of 3>1.2>1.1>1.0 disasters. Even if this type
> of disaster happens to only 1% of site administrators, it strikes me as
> more important for security than any of the arguments that have been
> given for "TLS 1.3". So I would prefer "TLS 4".
>
> Yes, sure, we can try to educate people that TLS>SSL (but then we're
> fighting against tons of TLS=SSL messaging), or educate them to use
> server-testing tools (so that they can fix the problem afterwards---but
> I wonder whether anyone has analyzed the damage caused by running SSLv3
> for a little while before switching the same keys to a newer protocol),
> and hope that this education fights against 3>1.3 more effectively than
> it fought against 3>1.2. But it's better to switch to a less error-prone
> interface that doesn't require additional education in the first place.
>
> ---Dan
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>

--
konklone.com | @konklone <https://twitter.com/konklone>