Hi, I think that the presumption that most tech people (or even security people) won't have any trouble with the future version numbering of TLS is wrong.
Yesterday morning, on an SAE Vehicle Electrical Systems Security call with some 40 auto security professionals present, I mentioned that TLS 1.3 was wrapping up and was asked "What's TLS?" Usual explanation about SSL being succeeded by IETF TLS 17 years ago. Several responses that were the equivalent of blank stares. And finally, "Then why is the library still called OpenSSL?" Rich has highlighted that the tech community goes right on conflating SSL with TLS on web sites. I change my two cents to "TLS 4" but am unsure about "4" or "4.0" because the tech community has been trained to care about major.minor. Cheers, - Ira Ira McDonald (Musician / Software Architect) Co-Chair - TCG Trusted Mobility Solutions WG Chair - Linux Foundation Open Printing WG Secretary - IEEE-ISTO Printer Working Group Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG IETF Designated Expert - IPP & Printer MIB Blue Roof Music / High North Inc http://sites.google.com/site/blueroofmusic http://sites.google.com/site/highnorthinc mailto: blueroofmu...@gmail.com Jan-April: 579 Park Place Saline, MI 48176 734-944-0094 May-Dec: PO Box 221 Grand Marais, MI 49839 906-494-2434 On Sat, Nov 19, 2016 at 6:32 AM, Jeffrey Walton <noloa...@gmail.com> wrote: > On Thu, Nov 17, 2016 at 9:12 PM, Sean Turner <s...@sn3rd.com> wrote: > > At IETF 97, the chairs lead a discussion to resolve whether the WG > should rebrand TLS1.3 to something else. Slides can be found @ > https://www.ietf.org/proceedings/97/slides/slides- > 97-tls-rebranding-aka-pr612-01.pdf. > > > > The consensus in the room was to leave it as is, i.e., TLS1.3, and to > not rebrand it to TLS 2.0, TLS 2, or TLS 4. We need to confirm this > decision on the list so please let the list know your top choice between: > > > > - Leave it TLS 1.3 > > - Rebrand TLS 2.0 > > - Rebrand TLS 2 > > - Rebrand TLS 4 > > > > by 2 December 2016. > > Please forgive my ignorance... > > Who are you targeting for the versioning scheme? Regular users? Mom > and pop shops with a web presence? Tech guys and gals? Security folks? > > For most tech people and security folks, I don't think it matters > much. However, how many regular users would have clung to SSLv3 and > TLS 1.0 (given TLS 1.2 was available) if they were named SSL 1995 and > TLS 1999 (given TLS 2008 or TLS 2010 was available)? > > (Sorry to violate the Hum restriction). > > Jeff > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
