Fwd: Wording for strict vs implicit TLS in <draft-elie-nntp-tls-recommendations-01.txt>

Julien ÉLIE <julien@trigofacile.com> Fri, 23 December 2016 20:24 UTC

Return-Path: <julien@trigofacile.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 8176D1294FD for <ietf@ietfa.amsl.com>; Fri, 23 Dec 2016 12:24:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 7QajY4CnKY8n for <ietf@ietfa.amsl.com>; Fri, 23 Dec 2016 12:24:06 -0800 (PST)
Received: from smtp.smtpout.orange.fr (smtp03.smtpout.orange.fr []) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C72B1293E0 for <ietf@ietf.org>; Fri, 23 Dec 2016 12:24:05 -0800 (PST)
Received: from macbook-pro-de-julien-elie.home ([]) by mwinf5d38 with ME id PYQ21u00a17Lgi403YQ33m; Fri, 23 Dec 2016 21:24:03 +0100
X-ME-Helo: macbook-pro-de-julien-elie.home
X-ME-Auth: anVsaWVuLmVsaWU0ODdAd2FuYWRvby5mcg==
X-ME-Date: Fri, 23 Dec 2016 21:24:03 +0100
Subject: Fwd: Wording for strict vs implicit TLS in <draft-elie-nntp-tls-recommendations-01.txt>
References: <d43e958e-951c-1106-da2d-cb32be3e5b3b@trigofacile.com>
To: ietf@ietf.org
From: =?UTF-8?Q?Julien_=c3=89LIE?= <julien@trigofacile.com>
Organization: TrigoFACILE -- http://www.trigofacile.com/
X-Forwarded-Message-Id: <d43e958e-951c-1106-da2d-cb32be3e5b3b@trigofacile.com>
Message-ID: <ad470231-fb77-07e0-fba5-9579fde84282@trigofacile.com>
Date: Fri, 23 Dec 2016 21:24:03 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.5.1
MIME-Version: 1.0
In-Reply-To: <d43e958e-951c-1106-da2d-cb32be3e5b3b@trigofacile.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/87t6QDPKj1mT8JIz7qzpSSX3twc>
Cc: draft-elie-nntp-tls-recommendations.all@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Dec 2016 20:24:08 -0000


FYI, I'll take into account for the revised version of draft-elie-nntp-tls-recommendations
the comment Viktor gave in the UTA mailing-list.

The terminology for "TLS negotiation immediately upon connection on a separate port"
is not consistent between RFCs.
RFC 7525 uses "strict TLS" (and unfortunately does not define the term).
RFC 7672 uses "mandatory TLS".
draft-ietf-uta-email-deep uses "implicit TLS".

As I believe "implicit TLS" is the most accurate wording, I'll also use that term
for draft-elie-nntp-tls-recommendations.

Julien ÉLIE

-------- Message transféré --------
Sujet : Re: [Uta] draft-ietf-uta-email-deep-05: wording about strict vs implicit TLS
Date : Thu, 22 Dec 2016 17:07:07 +0100
De : Julien ÉLIE <julien@trigofacile.com>
Organisation : TrigoFACILE -- http://www.trigofacile.com/
Pour : uta@ietf.org

Hi Viktor,

>> draft-ietf-uta-email-deep-05 defines "Implicit TLS" in Section 4:
>> 'amechanism where TLS is negotiated immediately at connection start on a
>> separate port (referred to in this document as "Implicit TLS")'
> This choice of language is sensible, since the use of TLS is implicit
> in the (choice of) transport endpoint, rather than explicitly negotiated
>> whereas published RFC 7525 uses the terminology "strict TLS".  It is the title of
>> Section 3.2, which mentions 'a choice between strict TLS configuration and dynamic
>> upgrade from unencrypted to TLS-protected traffic (such as STARTTLS)'.
> While the language in 7525 is unfortunate, since 'strict TLS' is not
> clearly defined in that document, and the name suggests that it is an
> alternative to 'opportunistic TLS', rather than an alternative to
> STARTTLS.  While STARTTLS is often used opportunistically, that is not
> always the case.  While RFC 7672 calls this "mandatory TLS", I would
> expect "strict" and "mandatory" to be synonymous.

I perfectly understand your arguments, and I agree with you.

Shouldn't an erratum be added to RFC 7525 so as to at least add a definition of "strict TLS"?  It is indeed missing!

I've updated the wording in draft-elie-nntp-tls-recommendations so as to use "implicit TLS" like draft-ietf-uta-email-deep.

    In particular, this document updates [RFC4642] by specifying that
    NNTP implementations and deployments MUST follow the best current
    practices documented in the "Recommendations for Secure Use of TLS
    and DTLS" [RFC7525].  This includes stronger recommendations
    regarding SSL/TLS protocol versions, fallback to lower versions, TLS
    negotiation immediately upon connection on a separate port (referred
    to in this document as "implicit TLS"), TLS-level compression, TLS
    session resumption, cipher suites, public key lengths, forward
    secrecy, and other aspects of using TLS with NNTP.


    o  NNTP implementations and deployments SHOULD prefer implicit TLS
       and therefore use strict TLS configuration (Section 3.2 of
       [RFC7525]), that is to say they SHOULD use a port dedicated to
       NNTP over TLS, and begin the TLS negotiation immediately upon
       connection (contrary to a dynamic upgrade from unencrypted to TLS-
       protected traffic via the use of the STARTTLS command, as Section
       1 of [RFC4642] was encouraging).  For the same reasons, transposed
       to NNTP, as those given in Appendix A of [MUA-STS] (whose one of
       the authors was also one of the authors of [RFC4642]), implicit
       TLS is the preferred way of using TLS with NNTP.

It is the only paragraph where I still mention "strict TLS configuration" because I reference RFC 7525.  In all other parts of the draft, only "implicit TLS" terminology is now used.
Thanks for your suggestion!

Julien ÉLIE

« J'ai le pied gauche qui est jaloux du pied droit. Quand j'avance le
   pied droit, le pied gauche, qui ne veut pas rester en arrière…
   passe devant… le pied droit en fait autant… et moi… comme un
   imbécile… je marche. » (Raymond Devos)

Uta mailing list