[Curdle] FW: I-D Action: draft-ietf-curdle-rc4-die-die-die-03.txt

"Salz, Rich" <rsalz@akamai.com> Sun, 10 December 2017 20:42 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/UwHbh1it-4wg9AykskMXZcQqcZY>

The security ADs just got back to us.  Apologies from the ADs and Chairs for letting this fall through the cracks.

A general “deprecate in all protocols” document is not appropriate for CURDLE.  This means that Section 4 (IMAP->EXTRA), Section 6 (DIAMETER->DIME) and Section 7 are out of scope for this WG. This is quoting Eric, one of the co-Directors.

On a personal level, I think Section 3 should be handled by UTA. And Section 5 has KITTEN.

Even if the WG disagrees with me about 3 and 5, there is a question about if it’s worth still having this as a WG document.  Please post your reply to the list; we will call for consensus to move this forward or abandon it early in January.

On 12/9/17, 3:22 PM, "internet-drafts@ietf.org" <internet-drafts@ietf.org> wrote:

     
    A New Internet-Draft is available from the on-line Internet-Drafts directories.
    This draft is a work item of the CURves, Deprecating and a Little more Encryption WG of the IETF.
    
            Title           : Depreciating RC4 in all IETF Protocols
            Author          : Luis Camara
            Filename        : draft-ietf-curdle-rc4-die-die-die-03.txt
            Pages           : 8
            Date            : 2017-12-09
    
    Abstract:
       RC4 is extremely weak as shown by RFC 6649 and RFC 7457, is
       prohibited in TLS by RFC 7465, is prohibited in Kerberos by RFC xxxx
       and it needs to be prohibited in all IETF protocols. This document
       obsoletes RFC 4345 "Improved Arcfour Modes for the Secure Shell (SSH)
       Transport Layer Protocol" (note Arcfour and RC4 are synonymous).
       RFC 3501, RFC 4253, RFC 6649 and RFC 6733 are updated to note the
       deprecation of RC4 in all IETF protocols.
    
    
    The IETF datatracker status page for this draft is:
    https://datatracker.ietf.org/doc/draft-ietf-curdle-rc4-die-die-die/
    
    There are also htmlized versions available at:
    https://tools.ietf.org/html/draft-ietf-curdle-rc4-die-die-die-03
    https://datatracker.ietf.org/doc/html/draft-ietf-curdle-rc4-die-die-die-03
    
    A diff from the previous version is available at:
    https://www.ietf.org/rfcdiff?url2=draft-ietf-curdle-rc4-die-die-die-03
    
    
    Please note that it may take a couple of minutes from the time of submission
    until the htmlized version and diff are available at tools.ietf.org.
    
    Internet-Drafts are also available by anonymous FTP at:
    ftp://ftp.ietf.org/internet-drafts/
    