Re: IETF mail server and SSLv3

Viktor Dukhovni <ietf-dane@dukhovni.org> Thu, 03 March 2016 07:11 UTC

Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 62F1E1B3FAF for <ietf@ietfa.amsl.com>; Wed, 2 Mar 2016 23:11:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xbhmt0ds7JkQ for <ietf@ietfa.amsl.com>; Wed, 2 Mar 2016 23:11:47 -0800 (PST)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8BBDC1B3FAE for <ietf@ietf.org>; Wed, 2 Mar 2016 23:11:47 -0800 (PST)
Received: from [172.31.24.203] (gzac12-mdf2-1.aoa.twosigma.com [208.77.215.155]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mournblade.imrryr.org (Postfix) with ESMTPSA id 74DF2282C3D for <ietf@ietf.org>; Thu, 3 Mar 2016 07:11:46 +0000 (UTC) (envelope-from ietf-dane@dukhovni.org)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 9.2 \(3112\))
Subject: Re: IETF mail server and SSLv3
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
In-Reply-To: <m237s8ax5m.wl%randy@psg.com>
Date: Thu, 3 Mar 2016 02:11:46 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <258C9930-4852-4A84-AB7D-F843D0E04C28@dukhovni.org>
References: <F38A9FEF-7DBB-4F40-860E-6CB425E5EEE3@ietf.org> <sjmvb66r1st.fsf@securerf.ihtfp.org> <ABDE99FE-4884-4B2C-8115-8D9CB03D372B@vigilsec.com> <m237s8ax5m.wl%randy@psg.com>
To: ietf@ietf.org
X-Mailer: Apple Mail (2.3112)
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/bPb8Gc-YXlpLFqrnRjVUhob7utk>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: ietf@ietf.org
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Mar 2016 07:11:49 -0000

> On Mar 3, 2016, at 1:33 AM, Randy Bush <randy@psg.com> wrote:
> 
> i expect that, at least for the rest of my career, there will always be
> stronger and weaker crypto.  and we will repeatedly go through the pain
> of purging the [then] weak, with folk screaming about compatibility with
> doors 2005.

The way I see it for opportunistic TLS in general, and Postfix specifically,
is that the sensible approach is to prune the deadwood once it is no longer
useful for interoperability except with a theoretical, but in practice negligible
to non-existent minority of peers.  That is, once removing obsolete 
and week crypto has no practical negative consequences, we should just do it.

What makes this possible is widespread adoption of better alternatives, at
which point algorithm agility (often derided in some circles) makes it
possible to move on.

At this point SSLv2, SSLv3, EXPORT ciphers and single DES are disabled in
Postfix by default.  It is sensible for ietf.org to apply similar settings.

-- 
	Viktor.