On Fri, Dec 02, 2016 at 03:35:00AM +0000, David Benjamin wrote: > I think TLS 4 makes everything worse, not better. > > In hindsight, renaming SSL 3.1 was a terrible mistake. But TLS 1.2 is going > to exist for a long time. If we call the next one 4, we have to explain a > gap in the versioning (1.0, 1.1, 1.2, 4?) and placing 2.0 and 3.0 after 1.2 > becomes even more inviting. > > Short of a time machine so we can call this SSL 3.4, the best fix is to let > SSL 3.0 fall away. This is already semi-plausible (it's out of all > browsers) and is only going to become more realistic over time. Certainly > it will be faster than TLS 1.2 going away and undoing TLS 4's version gap > problem. (TLS 1.3 even places SSL 3.0 as a MUST NOT, for what little teeth > that has.) > > Once SSL 3.0 falls away, we'll be left with 1.0, 1.1, 1.2, and 1.3, which > is a plausible numbering progression. There'll still be the mess with SSL > being the informal name for the protocol family, but that isn't a numbering > problem.
Then "TLS 2017" should be even better. It's neither < 3 nor similar enough to SSL versions as to be confused with them. And the shift in versioning strategy is so typical it would probably not even draw serious notice. -- Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls