2016-11-19 7:32 GMT+09:00 Eric Mill <e...@konklone.com>:
> It seems like TLS 2 and TLS 2.0 have very little support, so it's really
> just deciding between:
>
> TLS 1.3
> TLS 4 (or maybe 4.0)
>

I oppose going to TLS 4, for the following reasons:
* it might give people the false notion that SSL 2.0 and 3.0 are superior to TLS 1.0-1.2
* if we name the new protocol TLS 1.3, 2.0, or 2, then there would be no confusion once SSL goes away. However, if we name the new version TLS 4, then people would (for the coming tens of years) continue to ask where TLS 2 and TLS 3 are.

> I'll just amplify Rich's and djb's points by noting that the cost of
> switching away from TLS 1.3 really only affects a very small number of
> people -- really just the people in and around this WG.
>
> There is a much, much larger universe of people who will make deployment
> and implementation decisions, with varying attention span and degrees of
> skill, and I think they're best served with a clean start of an unambiguous
> version number. Just because it feels uncomfortable to us doesn't mean it
> will feel uncomfortable to the larger technical/enterprise community who
> don't really *care* about the versioning scheme; they just need to make
> some decisions and move on.
>
> -- Eric
>
> On Fri, Nov 18, 2016 at 1:07 PM, D. J. Bernstein <d...@cr.yp.to> wrote:
>
>> The largest number of users have the least amount of information, and
>> they see version numbers as part of various user interfaces. It's clear
>> how they will be inclined to guess 3>1.3>1.2>1.1>1.0 (very bad) but
>> 4>3>1.2>1.1>1.0 (eliminating the problem as soon as 4 is supported).
>>
>> We've all heard anecdotes of 3>1.2>1.1>1.0 disasters. Even if this type
>> of disaster happens to only 1% of site administrators, it strikes me as
>> more important for security than any of the arguments that have been
>> given for "TLS 1.3". So I would prefer "TLS 4".
>>
>> Yes, sure, we can try to educate people that TLS>SSL (but then we're
>> fighting against tons of TLS=SSL messaging), or educate them to use
>> server-testing tools (so that they can fix the problem afterwards---but
>> I wonder whether anyone has analyzed the damage caused by running SSLv3
>> for a little while before switching the same keys to a newer protocol),
>> and hope that this education fights against 3>1.3 more effectively than
>> it fought against 3>1.2. But it's better to switch to a less error-prone
>> interface that doesn't require additional education in the first place.
>>
>> ---Dan
>
> --
> konklone.com | @konklone <https://twitter.com/konklone>

-- 
Kazuho Oku
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls