Wireshark-bugs: [Wireshark-bugs] [Bug 5486] SSL but not TLS appear in 'Enabled Protocols' and as
Date: Mon, 20 Dec 2010 13:08:52 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5486

Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |WONTFIX

--- Comment #12 from Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx> 2010-12-20 14:08:48 MST ---
(In reply to comment #11)

> I guess this is philosophical at this point.  I will confess I have used
> tcpdump and WS for years but never looked much at security protocols.  When
> that time finally came, I went straight for looking for TLS and was surprised
> for it to be under SSL.  Also, given that SSL 2.0 or earlier appear to be
> deemed "don't use" its a little uncomfortable looking at a trace on your
> network under SSL when its really one of the more recent (e.g. SSL 3.0+-based)
> items like TLS1.2.

Wireshark does show "TLSv1" in the protocol column and things like "TLSv1
Record Layer: ..." under "Secure Sockets Layer" when dissecting TLS.

> For a newbie in this area, its definitely confusing and a bit alarming. And
> when using WS for an educational purpose (like I am) it causes a slight 
> side-bar about why the WS people like the historical names versus the (I 
> believe more accurate) current names, esp when the protocols have grown to be 
> incompatible.

Wireshark has been around for 12 years (remember the state of the Internet in
1998?), and since the newer protocols are extensions of the original ones,
we've kept the original names instead of changing everything every time the
protocol is updated.  (If we change "ssl" to "tls" what will happen to the
folks who have been typing "ssl" for years and years into Wireshark?)

> I hadn't noticed the BOOTP/DHCP issue until this discussion, but another is
> coming, which is ISAKMP v IKE.  Should I bother filing that one?, because it
> brings up pretty much the same sort of philosophy.

I hadn't even though of it ISAKMP v IKE.  This is a philosophical discussion,
so I'm going to close this ticket and we can discuss this further on the
wireshark-dev@xxxxxxxxxxxxx mailing list.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.