[openssl-dev] Can I haz TLS 1.3 ?

[Hanno Böck]

Hi,

On Tue, 3 Oct 2017 17:36:03 +0000
"Salz, Rich via openssl-dev" <openssl-dev at openssl.org> wrote:

> Tests run by various companies, including Google, Mozilla, and
> Facebook, indicate that the “failure rate” of TLS 1.3 is disturbingly
> high. It appears that network hardware such as routers, gateways,
> load balancers and the like, are blocking TLS 1.3 packets because
> they don’t recognize the protocol. They are doing “fail closed” and
> block the connections because they don’t understand it, rather than
> assuming it’s safe to forward. The IETF often uses the term
> “middlebox” to describe such hardware that operates between
> endpoints, and this type of behavior that blocks new protocols as
> “ossificiation.”  The various companies, and no doubt others, are
> trying experiments to tweak the protocol to lower the failure rate.
> For example, in some circumstances it might be acceptable to make a
> TLS 1.3 message look like a TLS 1.2 message (after you’ve already
> committed to doing TLS 1.3).

So I heard chatter about this, but not much details. Which I find
unfortunate and a bit disturbing. (I'm aware of a single case with
bluetooth HW, but this sounds like this is much more common.)

Can the people involved in these Tests please speak up what's going on
here? Particularly can you please name vendor names?
And quite frankly I think we need to have a discussion about those
vendors. They're harming the Internet and they shouldn't be able to do
so without consequences.
TLS 1.3 is already built to workaround broken middleboxes (the whole
new version negotiation and GREASE approach), yet it doesn't seem to
help.

If I may dream I'd like to see a situation where large TLS-friendly
players (thinking Google, Cloudflare etc.) speak up and say that
in the future they'll boycott vendors that deploy such
Internet-breaking devices.

-- 
Hanno Böck
https://hboeck.de/

mail/jabber: hanno at hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42