On barnacles, drowning and why it is time to kill SSLv3 on the IETF mail server.

Phillip Hallam-Baker <phill@hallambaker.com> Tue, 01 March 2016 17:40 UTC

Received: from mail-lb0-x22e.google.com (mail-lb0-x22e.google.com [IPv6:2a00:1450:4010:c04::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 384D31B304E for <ietf@ietf.org>; Tue, 1 Mar 2016 09:33:50 -0800 (PST)
Date: Tue, 1 Mar 2016 12:33:48 -0500
Message-ID: <CAMm+Lwjxm+G65S0Yrk1OBAEzSuuGA9wjFV2bZu85nf=CsVQkVQ@mail.gmail.com>
Subject: On barnacles, drowning and why it is time to kill SSLv3 on the IETF mail server.
From: Phillip Hallam-Baker <phill@hallambaker.com>
Cc: IETF Discussion Mailing List <ietf@ietf.org>
Content-Type: text/plain; charset=UTF-8
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/MUh2LExdOxVOGIOwAHP5lp_xz1E>


Now can we please stop the discussion of why the IETF has to kill SSL3?

You do not get better security by deploying stronger crypto. You only
get better security by stopping using insecure crypto.

Keeping the SSL2 code paths in OpenSSL was a MISTAKE. They should be
excised with great prejudice and the code thrown into the hottest bit
furnaces of mount Mordor. And the SSL3 code paths should follow them.

Maintaining legacy support for obsolete crypto positively harms good
crypto implementations. I don't want to see the code in the
distribution at all. Nor do I want to see support for the kitchen sink
of 40 obsolete crypto algorithms.

Killing off obsolete and broken crypto is actually more important than
developing the new stuff.

If people can't figure out how to find an email provider who can
support standards that have been published for over ten years now then
I have to wonder what value they provide to a standards organization.

One of the big problems at CERN was the attachment to obsolete FORTRAN
code bases even when it was known that they were absolutely riddled
with bugs. Throwing away the old crappy systems might seem a waste but
code and specifications do wear out. Support for legacy systems and
corner cases accumulate over time like barnacles on a sailing ship. If
you don't beach the ship from time to time and scrape off the
accumulated dreck, the ship gets slower and slower and eventually it
will sink.

OpenSSL has drowned because they didn't scrape off the barnacles. Let's
stop arguing over whether it is time to kill SSL3.
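
Added example (not part of the original message, and not IETF or Postfix tooling): a mail operator can find out which sending hosts would be affected by turning off SSLv3 by tallying the "(using ... with cipher ...)" annotation that Postfix-style Received: headers carry, as in the header of this message. The sample headers, host names and the audit() helper are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Postfix-style hop: "from HELO (RDNS [IP]) (using PROTO with cipher NAME (...))"
HOP_RE = re.compile(r"^Received: from \S+ \((?P<peer>\S+) \[")
TLS_RE = re.compile(r"\(using (?P<proto>SSLv[23]|TLSv1(?:\.[0-3])?) with cipher [\w-]+")
LEGACY = {"SSLv2", "SSLv3"}

# Constructed sample headers; hosts, addresses and queue ids are made up.
SAMPLE = [
    "Received: from mx1.example.net (mx1.example.net [192.0.2.10])\n"
    "\t(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))\n"
    "\tby mail.example.org (Postfix) with ESMTPS id AAAA1",
    "Received: from relay (old.example.com [192.0.2.20])\n"
    "\t(using SSLv3 with cipher RC4-SHA (128/128 bits))\n"
    "\tby mail.example.org (Postfix) with ESMTPS id AAAA2",
    "Received: from relay (old.example.com [192.0.2.20])\n"
    "\t(using SSLv3 with cipher DES-CBC3-SHA (112/168 bits))\n"
    "\tby mail.example.org (Postfix) with ESMTPS id AAAA3",
    "Received: from mta.example.edu (mta.example.edu [IPv6:2001:db8::25])\n"
    "\t(using TLSv1 with cipher AES128-SHA (128/128 bits))\n"
    "\tby mail.example.org (Postfix) with ESMTPS id AAAA4",
    "Received: from plain.example.info (plain.example.info [192.0.2.30])\n"
    "\tby mail.example.org (Postfix) with ESMTP id AAAA5",
    "Received: by mx1.example.net with SMTP id x1so1",  # no peer: skipped
]

def audit(headers):
    """Tally negotiated protocol per inbound hop; list peers still on SSLv2/SSLv3."""
    counts = Counter()
    legacy = defaultdict(set)
    for raw in headers:
        line = " ".join(raw.split())        # unfold continuation lines
        hop = HOP_RE.match(line)
        if hop is None:                     # "Received: by ..." has no remote peer
            continue
        tls = TLS_RE.search(line)
        proto = tls.group("proto") if tls else "none"   # no annotation: no TLS
        counts[proto] += 1
        if proto in LEGACY:
            # Use the name the receiving server resolved, not the HELO string.
            legacy[proto].add(hop.group("peer"))
    return counts, {p: sorted(hosts) for p, hosts in legacy.items()}

if __name__ == "__main__":
    counts, legacy = audit(SAMPLE)
    print(dict(counts))
    print(legacy)
```

Only the header added by your own server is trustworthy input here; earlier hops in a message can be written by anyone.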