Maintaining my hum from the meeting, I prefer keeping TLS 1.3 over renaming, primarily because there's now a good amount of documentation/implementation in the wild that refers to TLS 1.3, and we'll need to keep around the new equivalence of TLS 2 (or 4)=TLS 1.3.
On Sat, Nov 19, 2016, 8:31 AM Ira McDonald <blueroofmu...@gmail.com> wrote: > Hi, > > I think that the presumption that most tech people (or even security > people) > won't have any trouble with the future version numbering of TLS is wrong. > > Yesterday morning, on an SAE Vehicle Electrical Systems Security call with > some 40 auto security professionals present, I mentioned that TLS 1.3 was > wrapping up and was asked "What's TLS?" Usual explanation about SSL > being succeeded by IETF TLS 17 years ago. Several responses that were > the equivalent of blank stares. And finally, "Then why is the library > still > called OpenSSL?" > > Rich has highlighted that the tech community goes right on conflating SSL > with TLS on web sites. > > I change my two cents to "TLS 4" but am unsure about "4" or "4.0" because > the tech community has been trained to care about major.minor. > > Cheers, > - Ira > > > Ira McDonald (Musician / Software Architect) > Co-Chair - TCG Trusted Mobility Solutions WG > Chair - Linux Foundation Open Printing WG > Secretary - IEEE-ISTO Printer Working Group > Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG > IETF Designated Expert - IPP & Printer MIB > Blue Roof Music / High North Inc > http://sites.google.com/site/blueroofmusic > http://sites.google.com/site/highnorthinc > mailto: blueroofmu...@gmail.com > Jan-April: 579 Park Place Saline, MI 48176 734-944-0094 > May-Dec: PO Box 221 Grand Marais, MI 49839 906-494-2434 > > > On Sat, Nov 19, 2016 at 6:32 AM, Jeffrey Walton <noloa...@gmail.com> > wrote: > > On Thu, Nov 17, 2016 at 9:12 PM, Sean Turner <s...@sn3rd.com> wrote: > > At IETF 97, the chairs lead a discussion to resolve whether the WG > should rebrand TLS1.3 to something else. Slides can be found @ > https://www.ietf.org/proceedings/97/slides/slides-97-tls-rebranding-aka-pr612-01.pdf > . > > > > The consensus in the room was to leave it as is, i.e., TLS1.3, and to > not rebrand it to TLS 2.0, TLS 2, or TLS 4. We need to confirm this > decision on the list so please let the list know your top choice between: > > > > - Leave it TLS 1.3 > > - Rebrand TLS 2.0 > > - Rebrand TLS 2 > > - Rebrand TLS 4 > > > > by 2 December 2016. > > Please forgive my ignorance... > > Who are you targeting for the versioning scheme? Regular users? Mom > and pop shops with a web presence? Tech guys and gals? Security folks? > > For most tech people and security folks, I don't think it matters > much. However, how many regular users would have clung to SSLv3 and > TLS 1.0 (given TLS 1.2 was available) if they were named SSL 1995 and > TLS 1999 (given TLS 2008 or TLS 2010 was available)? > > (Sorry to violate the Hum restriction). > > Jeff > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
