[openssl-project] When to enable TLS 1.3

Richard Levitte levitte at openssl.org
Fri Apr 20 03:37:54 UTC 2018 

In message <C52E12D5-21DB-4FB6-AEED-A873D7364E02 at dukhovni.org> on Thu, 19 Apr 2018 19:16:04 -0400, Viktor Dukhovni <openssl-users at dukhovni.org> said:

openssl-users> But not all the friction can be eliminated, and likely not
openssl-users> all providers can be persuaded to be more accommodating.
openssl-users> Which leaves us with some difficult judgement calls:
openssl-users> 
openssl-users>   * Restrict TLS 1.3 support to just applications compiled
openssl-users>     against 1.1.1?  A weak signal, but likely correlates at
openssl-users>     least somewhat with the application being ready.
openssl-users> 
openssl-users>   * Determine whether the application is likely to be compatible
openssl-users>     at runtime by looking at the provided configuration.  Is SNI
openssl-users>     enabled?  Is the certificate chain weird enough to break with
openssl-users>     TLS 1.3.  Has the application turned off critical algorithms?

Of those two, the second provides for a smoother transition to using
TLSv1.3, all it might take is changing a configuration, getting a
newer certificate with a more compatible chain, changing an engine
module.  Some of those may take some time (even purchasing a new cert,
what do I know?), but still.  If at all possible, the second choice
seems like the better one.

The only reason I can see for the first option is if there are things
that cannot be detected in run-time that would cause the use of older
protocols rather than TLSv1.3.  I suspect a too early call of
SSL_version might be one that's hard to cope with...

openssl-users>   * Do nothing, let the applications adapt or stick with older
openssl-users>     libraries?

I don't see this as acceptable.  Let's remember that 1.1.0 -> 1.1.1 is
a *minor* upgrade, i.e. should be a drop-in backward compatible
replacement.  If that upgrade causes applications to suddenly stop
working because we're force feeding them TLSv1.3, then we've failed
that technical promise.  If I was a user in that scenario, I'd be
furious.

openssl-users>   * Something else?

Making this a *major* upgrade, i.e. 1.2.0.

openssl-users> We don't have much time before release, what do we do?

If we can't resolve this, there is the option of delaying the
release.  The release strategy is clear on this: "This may be amended
at any time as the need arises."
(https://www.openssl.org/policies/releasestrat.html)

Cheers,
Richard

-- 
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/

More information about the openssl-project mailing list