Re: IETF mail server and SSLv3

Viktor Dukhovni <ietf-dane@dukhovni.org> Thu, 03 March 2016 18:47 UTC

Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 399D01B3180 for <ietf@ietfa.amsl.com>; Thu, 3 Mar 2016 10:47:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XMzLbap_Dg4A for <ietf@ietfa.amsl.com>; Thu, 3 Mar 2016 10:47:13 -0800 (PST)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F39B1B3BB9 for <ietf@ietf.org>; Thu, 3 Mar 2016 10:47:13 -0800 (PST)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id 13FF3284CDB; Thu, 3 Mar 2016 18:47:12 +0000 (UTC)
Date: Thu, 3 Mar 2016 18:47:12 +0000
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: ietf@ietf.org
Subject: Re: IETF mail server and SSLv3
Message-ID: <20160303184711.GH10917@mournblade.imrryr.org>
References: <F38A9FEF-7DBB-4F40-860E-6CB425E5EEE3@ietf.org> <sjmvb66r1st.fsf@securerf.ihtfp.org> <ABDE99FE-4884-4B2C-8115-8D9CB03D372B@vigilsec.com> <m237s8ax5m.wl%randy@psg.com> <258C9930-4852-4A84-AB7D-F843D0E04C28@dukhovni.org> <56D819FD.2080205@cs.tcd.ie>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <56D819FD.2080205@cs.tcd.ie>
User-Agent: Mutt/1.5.24 (2015-08-30)
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/aJI9ANFm2QMV8A9zDs36HYP-TJI>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: ietf@ietf.org
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Mar 2016 18:47:15 -0000

On Thu, Mar 03, 2016 at 11:03:25AM +0000, Stephen Farrell wrote:

> > The way I see it for opportunistic TLS in general, and Postfix specifically,
> > is that the sensible approach is to prune the deadwood once it is no longer
> > useful for interoperability except with a theoretical, but in practice negligible
> > to non-existent minority of peers.  That is, once removing obsolete 
> > and week crypto has no practical negative consequences, we should just do it.
> 
> This was something we debated during the processing of
> RFC7435. I do think the OS approach is a fine thing, but
> I'd be much more for ditching weak crypto than you.

We're not in significant disagreement.

I'm not advocating keeping weak crypto around, in fact the opposite.

Rather I drawing advocating some attention to balancing interoperability
needs in the timing of the removal.  For opportunistic security,
breaking interoperability *in practice* (not just in theory) is to
be avoided in the early phase of deprecation when better alternatives
are not sufficiently widely deployed.  If or once better alternatives
are almost universally deployed, out it goes.

-- 
	Viktor.