Peter Gutmann wrote:
> Thomas Pornin <por...@bolet.org> writes:
>>
>>TLS 1.3 is moving away from the IoT/embedded world, and more toward a Web
>>world. This is not necessarily _bad_, but it is likely to leave some people
>>unsatisfied (and, in practice, people clinging to TLS 1.2).
>
> I would go slightly further and say that TLS 1.3 could end up forking TLS in
> the same way that HTTP/2 has forked HTTP. There's HTTP/2 for web content
> providers and HTTP 1.1 for the rest of us/them (depending on your point of
> view). Similarly, there are sizeable groups of users who will take a decade
> or more to get to TLS 1.3 (they're still years away from 1.2 at the moment),
> or who may never move to TLS 1.3 because too much of their existing
> infrastructure is dependent on how TLS 1.x, x = 0...2, works. So as with
> HTTP/2 we may end up with TLS 1.3 for web content providers and TLS 1.0/1.2
> for everything else.

I expect TLSv1.3 is going to be in a decade where IPv6 is today.

Not supporting IPv4 is a non-starter, because you cannot reach 95% of the internet, and not even get internet connectivity in a lot of places.

Not supporting IPv6 is paradise: less code, less headaches, less interop problems, less security issues, and you will _not_ miss anything at all, because everything that is at least remotely interesting is accessible via IPv4.

-Martin