- Thank you for the data-driven approach, but it definitely doesn't match other reports
The TLS 1.3 adoption document you reference seems to be based solely on Web browser data:
Browser
|
Percentage of TLS 1.3
|
Chrome
|
30%
|
Firefox
|
27%
|
Safari
|
27%
|
My numbers come from the Windows TLS stack telemetry. Windows releases with TLS 1.3 support (Server 2022, Windows 11 and later) use a 3rd-party TLS stack for the in-box Web browser. So the Windows TLS stack telemetry does not
include Web browser connections. This is client and server apps (native, .NET, Modern, etc.), Web and other services, file services, RDP, e-mail, industrial systems... Some Web service connections, but also all other things besides/beyond the Web. A mix of
Internet and various private and public sector networks.
- Maybe it means TLS 1.2 /could/ be negotiated for 99% of connections?
The data shows that TLS 1.2 was in fact negotiated 98-99% of the time. Either because a TLS peer did not support TLS 1.3, or an app programmatically disabled TLS 1.3, or a system admin disabled TLS 1.3. It’s a long discussion about the
reasons, but at the moment we see 98-99% of the connections negotiating TLS 1.2.
Overall, our telemetry shows that TLS 1.3 usage is growing (BTW, QUIC usage is included in my TLS 1.3 numbers). It’s just nowhere near TLS 1.2 usage at the moment.
From: Rob Sayre <sayrer@xxxxxxxxx>
Sent: Thursday, July 14, 2022 10:25 AM
To: Andrei Popov <Andrei.Popov@xxxxxxxxxxxxx>
Cc: Peter Gutmann <pgut001@xxxxxxxxxxxxxxxxx>; Peter Saint-Andre <stpeter@xxxxxxxxxx>; Benjamin Kaduk <kaduk@xxxxxxx>; secdir@xxxxxxxx; draft-ietf-uta-rfc7525bis.all@xxxxxxxx; last-call@xxxxxxxx; uta@xxxxxxxx
Subject: [EXTERNAL] Re: [Uta] [Last-Call] Secdir telechat review of draft-ietf-uta-rfc7525bis-09
Speaking of PCs and servers: I took a look at Windows TLS stack telemetry (only including those OS versions that support TLS 1.3).
TLS 1.2 is negotiated for 99% of the TLS server connections and 98% of the TLS client connections using Windows TLS stack.
TLS 1.3 use amounts to 0.4% of TLS server connections and just under 2% of TLS client connections.
Thank you for the data-driven approach, but it definitely doesn't match other reports. Maybe it means TLS 1.2 /could/ be negotiated for 99% of connections?
Here is a 2019 document from the IETF:
Cheers,
Andrei
-----Original Message-----
From: Uta <uta-bounces@xxxxxxxx> On Behalf Of Peter Gutmann
Sent: Wednesday, July 13, 2022 8:07 PM
To: Rob Sayre <sayrer@xxxxxxxxx>; Peter Saint-Andre <stpeter@xxxxxxxxxx>
Cc: Benjamin Kaduk <kaduk@xxxxxxx>;
secdir@xxxxxxxx;
draft-ietf-uta-rfc7525bis.all@xxxxxxxx;
last-call@xxxxxxxx; uta@xxxxxxxx
Subject: [EXTERNAL] Re: [Uta] [Last-Call] Secdir telechat review of draft-ietf-uta-rfc7525bis-09
Rob Sayre <sayrer@xxxxxxxxx> writes:
>Also, in the realm of opinion rather than correctness: mandating TLS
>1.2 support is misguided. Every TLS implementation maintains divided
>codebases for 1.2 vs 1.3.
On desktop PCs and servers perhaps, but in embedded the very fact that you need two sets of codebases means many systems will stay with 1.2, possibly forever when everything around them is also staying with 1.2.
>No one reads the TLS 1.2 code very closely these days, in my
>experience, so the BCP would be mandating support for something people
>don't really work on anymore.
Unless the only codebase you've got is 1.2. However in the same embedded systems you typically do it once, do it right, and skip the neverending flow of bells and whistles that keep appearing, so there's no need to constantly fiddle with the code as for PC/server
use.
Peter.
_______________________________________________
Uta mailing list
Uta@xxxxxxxx
https://nam06.safelinks.protection.outlook.com/?url="">