Re: IETF mail server and SSLv3

Stephen Farrell <stephen.farrell@cs.tcd.ie> Thu, 03 March 2016 11:03 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 821001A8A7F for <ietf@ietfa.amsl.com>; Thu, 3 Mar 2016 03:03:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.307
X-Spam-Level:
X-Spam-Status: No, score=-4.307 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.006, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V0ulKpkGfbqE for <ietf@ietfa.amsl.com>; Thu, 3 Mar 2016 03:03:27 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1C3191A8A63 for <ietf@ietf.org>; Thu, 3 Mar 2016 03:03:27 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 9FCB5BE8A for <ietf@ietf.org>; Thu, 3 Mar 2016 11:03:25 +0000 (GMT)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YPqTGr0NKZ65 for <ietf@ietf.org>; Thu, 3 Mar 2016 11:03:25 +0000 (GMT)
Received: from [134.226.36.93] (bilbo.dsg.cs.tcd.ie [134.226.36.93]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 18E43BE5C for <ietf@ietf.org>; Thu, 3 Mar 2016 11:03:25 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1457003005; bh=r+wYyk1jxKcLC3QI+rVmcbQLsCk0YMVk7lto/aJjpZs=; h=Subject:To:References:From:Date:In-Reply-To:From; b=VIMQku4SvhkEGVn0hznkQ9XjZeEAYYstFFoGEEaCjIZ45bBkHBpySsddOZP5uNEGg C+CX5tRE1x7RPylxy28RVZTtC34XOWEQ/2NOgYbVTVRx5KgddN9Wb2KKPAk/2/WBcx n1G45TXQQcTAG3hzYbMfwyVO1X3qMAoGrddjdu9I=
Subject: Re: IETF mail server and SSLv3
To: ietf@ietf.org
References: <F38A9FEF-7DBB-4F40-860E-6CB425E5EEE3@ietf.org> <sjmvb66r1st.fsf@securerf.ihtfp.org> <ABDE99FE-4884-4B2C-8115-8D9CB03D372B@vigilsec.com> <m237s8ax5m.wl%randy@psg.com> <258C9930-4852-4A84-AB7D-F843D0E04C28@dukhovni.org>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <56D819FD.2080205@cs.tcd.ie>
Date: Thu, 3 Mar 2016 11:03:25 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <258C9930-4852-4A84-AB7D-F843D0E04C28@dukhovni.org>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms060209050509040908020105"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/hkYgwtVBf6hhmNJMdnIAgmlXJs8>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Mar 2016 11:03:29 -0000


On 03/03/16 07:11, Viktor Dukhovni wrote:

> The way I see it for opportunistic TLS in general, and Postfix specifically,
> is that the sensible approach is to prune the deadwood once it is no longer
> useful for interoperability except with a theoretical, but in practice negligible
> to non-existent minority of peers.  That is, once removing obsolete 
> and week crypto has no practical negative consequences, we should just do it.

This was something we debated during the processing of
RFC7435. I do think the OS approach is a fine thing, but
I'd be much more for ditching weak crypto than you.

DROWN, LOGJAM and other attacks demonstrate that keeping
weak crypto code around does have negative consequences,
and with DROWN those are pretty impressively negative.

Cheers,
S.