On Thu, Dec 1, 2016 at 10:12 PM Peter Gutmann <pgut...@cs.auckland.ac.nz> wrote:

> Tony Arcieri <basc...@gmail.com> writes:
> >There's already ample material out there (papers, presentations, mailing list
> >discussions, etc) which talks about "TLS 1.3".
>
> In other words, the TLS WG and a small number of people who interact with it
> call it TLS 1.3.  That's hardly a strong argument when most of the rest of the
> world doesn't even call it TLS.
>
> In fact that's something that's come up repeatedly in the bikeshedding so far,
> there are some really good, sound arguments for calling it TLS/SSL 4 or
> TLS/SSL 2017, while pretty much the only reasons I've seen for TLS 1.3 are
> inertia, "we've always called it that"/"I don't want to change"/etc.

I think TLS 4 makes everything worse, not better.

In hindsight, renaming SSL 3.1 was a terrible mistake. But TLS 1.2 is going
to exist for a long time. If we call the next one 4, we have to explain a
gap in the versioning (1.0, 1.1, 1.2, 4?) and placing 2.0 and 3.0 after 1.2
becomes even more inviting.

Short of a time machine so we can call this SSL 3.4, the best fix is to let
SSL 3.0 fall away. This is already semi-plausible (it's out of all
browsers) and is only going to become more realistic over time. Certainly
it will be faster than TLS 1.2 going away and undoing TLS 4's version gap
problem. (TLS 1.3 even places SSL 3.0 as a MUST NOT, for what little teeth
that has.)

Once SSL 3.0 falls away, we'll be left with 1.0, 1.1, 1.2, and 1.3, which
is a plausible numbering progression. There'll still be the mess with SSL
being the informal name for the protocol family, but that isn't a numbering

TLS mailing list
