Re: [TLS] [Cfrg] Data limit to achieve Indifferentiability for ciphertext with TLS 1.3 GCM, and the 2nd paragraph of Section 5.5

2016-11-21 Thread Dang, Quynh (Fed)
Hi Ilari, You were right, for testing, a smaller number should be used. Quynh. From: ilariliusva...@welho.com on behalf of Ilari Liusvaara Sent: Monday, November 21, 2016 3:42 PM To: Dang, Quynh (Fed)

Re: [TLS] Confirming consensus: TLS1.3->TLS*

2016-11-21 Thread Hugo Krawczyk
If it wasn't because we don't need more noise in this discussion I would have suggested SSL 5.0 which seems to be the logical conclusion from the reasoning people are using. Clearly, everyone thinks that the battle of replacing "SSL" with "TLS" in the popular and technical references to the

Re: [TLS] [Cfrg] Data limit to achieve Indifferentiability for ciphertext with TLS 1.3 GCM, and the 2nd paragraph of Section 5.5

2016-11-21 Thread Ilari Liusvaara
On Mon, Nov 14, 2016 at 02:54:23AM +, Dang, Quynh (Fed) wrote: > > Rekeying too often than needed would just create more room for > issues for the connection/session without gaining any additional > practical security at all. With regards to rekeying frequency I'm concerned about

Re: [TLS] Confirming consensus: TLS1.3->TLS*

2016-11-21 Thread Salz, Rich
➢ You should be reluctant to draw too many conclusions from a field which you can only access by clicking through a big scary warning that you are voiding your warranty: Warranty? And sure, users never click through security warnings ☺ At any rate, this was intended to be a little

Re: [TLS] Confirming consensus: TLS1.3->TLS*

2016-11-21 Thread David Woodhouse
On Mon, 2016-11-21 at 19:34 +, Salz, Rich wrote: > Do "about:config" in firefox and look for TLS: > security.tls.version.max default integer 3 > > And then perhaps look at http://kb.mozillazine.org/Security.tls.version.* > (yes the star is part of the URL) > > EVEN MOZILLA

Re: [TLS] Confirming consensus: TLS1.3->TLS*

2016-11-21 Thread Richard Barnes
On Mon, Nov 21, 2016 at 2:51 PM, Yoav Nir wrote: > > > On 21 Nov 2016, at 20:43, Salz, Rich wrote: > > > > > >> With this in mind, I'm voting in favor of any re-branding of TLS 1.3 > where the > >> protocol name remains "TLS" and major version becomes > 1.

Re: [TLS] Confirming consensus: TLS1.3->TLS*

2016-11-21 Thread Sean Leonard
+1 to TLS 1.3. My strong preference is TLS 1.3. Reasons have been advanced ad nauseam. Just a couple of additional thoughts: 1.3 is in the protocol. So there. "Perl 6". Just because you advance a version number to a big one, doesn't mean that businesses will see the justification to upgrade.

Re: [TLS] Confirming consensus: TLS1.3->TLS*

2016-11-21 Thread Eric Rescorla
On Mon, Nov 21, 2016 at 11:34 AM, Salz, Rich wrote: > Do "about:config" in firefox and look for TLS: > security.tls.version.max default integer 3 > > And then perhaps look at http://kb.mozillazine.org/Security.tls.version.* > (yes the star is part of the URL) > >

Re: [TLS] Confirming consensus: TLS1.3->TLS*

2016-11-21 Thread Short, Todd
Throwing my hat into the ring, the basic record protocol has not changed. If anything, what is currently referred to as TLSv1.3 is really just a major update to the handshake messages. If the record protocol were to change to use a sane 4-byte header (which I proposed many months ago), then I

Re: [TLS] Confirming consensus: TLS1.3->TLS*

2016-11-21 Thread Yoav Nir
> On 21 Nov 2016, at 20:43, Salz, Rich wrote: > > >> With this in mind, I'm voting in favor of any re-branding of TLS 1.3 where >> the >> protocol name remains "TLS" and major version becomes > 1. > > Me too. Agree

Re: [TLS] Confirming consensus: TLS1.3->TLS*

2016-11-21 Thread Salz, Rich
Do "about:config" in firefox and look for TLS: security.tls.version.max default integer 3 And then perhaps look at http://kb.mozillazine.org/Security.tls.version.* (yes the star is part of the URL) EVEN MOZILLA can't get it "right."

Re: [TLS] Confirming consensus: TLS1.3->TLS*

2016-11-21 Thread =JeffH
In the room last week, I hummed for "TLS 4". that said, I overall agree with Andrei's sentiment.. > I'm voting in favor of any re-branding of TLS 1.3 where the > protocol name remains "TLS" and major version becomes > 1. HTH, =JeffH

Re: [TLS] Confirming consensus: TLS1.3->TLS*

2016-11-21 Thread Dmitry Belyavsky
Hello, On Mon, Nov 21, 2016 at 9:43 PM, Salz, Rich wrote: > > > With this in mind, I'm voting in favor of any re-branding of TLS 1.3 > where the > > protocol name remains "TLS" and major version becomes > 1. > > Me too. > > +1 -- SY, Dmitry Belyavsky

Re: [TLS] Confirming consensus: TLS1.3->TLS*

2016-11-21 Thread Salz, Rich
> With this in mind, I'm voting in favor of any re-branding of TLS 1.3 where the > protocol name remains "TLS" and major version becomes > 1. Me too. ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] Confirming consensus: TLS1.3->TLS*

2016-11-21 Thread Andrei Popov
Peter has some excellent points here (although I would prefer "TLS 2.0"). Perhaps the "re-branders" are losing votes and hums because we're fragmented into numerous camps. With this in mind, I'm voting in favor of any re-branding of TLS 1.3 where the protocol name remains "TLS" and major