[openssl-project] When to enable TLS 1.3
levitte at openssl.org
Fri Apr 20 03:37:54 UTC 2018
In message <C52E12D5-21DB-4FB6-AEED-A873D7364E02 at dukhovni.org> on Thu, 19 Apr 2018 19:16:04 -0400, Viktor Dukhovni <openssl-users at dukhovni.org> said:
openssl-users> But not all the friction can be eliminated, and likely not
openssl-users> all providers can be persuaded to be more accommodating.
openssl-users> Which leaves us with some difficult judgement calls:
openssl-users> * Restrict TLS 1.3 support to just applications compiled
openssl-users> against 1.1.1? A weak signal, but likely correlates at
openssl-users> least somewhat with the application being ready.
openssl-users> * Determine whether the application is likely to be compatible
openssl-users> at runtime by looking at the provided configuration. Is SNI
openssl-users> enabled? Is the certificate chain weird enough to break with
openssl-users> TLS 1.3. Has the application turned off critical algorithms?
Of those two, the second provides for a smoother transition to using
TLSv1.3, all it might take is changing a configuration, getting a
newer certificate with a more compatible chain, changing an engine
module. Some of those may take some time (even purchasing a new cert,
what do I know?), but still. If at all possible, the second choice
seems like the better one.
The only reason I can see for the first option is if there are things
that cannot be detected in run-time that would cause the use of older
protocols rather than TLSv1.3. I suspect a too early call of
SSL_version might be one that's hard to cope with...
openssl-users> * Do nothing, let the applications adapt or stick with older
I don't see this as acceptable. Let's remember that 1.1.0 -> 1.1.1 is
a *minor* upgrade, i.e. should be a drop-in backward compatible
replacement. If that upgrade causes applications to suddenly stop
working because we're force feeding them TLSv1.3, then we've failed
that technical promise. If I was a user in that scenario, I'd be
openssl-users> * Something else?
Making this a *major* upgrade, i.e. 1.2.0.
openssl-users> We don't have much time before release, what do we do?
If we can't resolve this, there is the option of delaying the
release. The release strategy is clear on this: "This may be amended
at any time as the need arises."
Richard Levitte levitte at openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
More information about the openssl-project