Re: IETF mail server and SSLv3
Russ Housley <housley@vigilsec.com> Thu, 03 March 2016 04:34 UTC
Return-Path: <housley@vigilsec.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D88A01B3C52 for <ietf@ietfa.amsl.com>; Wed, 2 Mar 2016 20:34:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ww8_XrBozbex for <ietf@ietfa.amsl.com>; Wed, 2 Mar 2016 20:34:20 -0800 (PST)
Received: from odin.smetech.net (x-bolt-wan.smeinc.net [209.135.219.146]) by ietfa.amsl.com (Postfix) with ESMTP id 87D8D1B3C4D for <ietf@ietf.org>; Wed, 2 Mar 2016 20:34:20 -0800 (PST)
Received: from localhost (ronin.smetech.net [209.135.209.5]) by odin.smetech.net (Postfix) with ESMTP id 047EE9A4003 for <ietf@ietf.org>; Wed, 2 Mar 2016 23:34:20 -0500 (EST)
X-Virus-Scanned: amavisd-new at smetech.net
Received: from odin.smetech.net ([209.135.209.4]) by localhost (ronin.smeinc.net [209.135.209.5]) (amavisd-new, port 10024) with ESMTP id 6fu8zRy9Vw4O for <ietf@ietf.org>; Wed, 2 Mar 2016 23:22:19 -0500 (EST)
Received: from [172.20.6.52] (unknown [12.207.21.194]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by odin.smetech.net (Postfix) with ESMTP id 949249A4001 for <ietf@ietf.org>; Wed, 2 Mar 2016 23:34:07 -0500 (EST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Apple Message framework v1085)
Subject: Re: IETF mail server and SSLv3
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <sjmvb66r1st.fsf@securerf.ihtfp.org>
Date: Wed, 02 Mar 2016 23:34:04 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <ABDE99FE-4884-4B2C-8115-8D9CB03D372B@vigilsec.com>
References: <F38A9FEF-7DBB-4F40-860E-6CB425E5EEE3@ietf.org> <sjmvb66r1st.fsf@securerf.ihtfp.org>
To: ietf@ietf.org
X-Mailer: Apple Mail (2.1085)
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/yWstW-NUDKAbsWmscuQ8UtLT7P4>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Mar 2016 04:34:22 -0000
> If not, isn't there a chance that disabling SSLv3 will cause *SOME* email to fallback to non-encrypted? http://arstechnica.com/security/2016/03/more-than-13-million-https-websites-imperiled-by-new-decryption-attack/ "DROWN shows that sometimes, bad crypto is even worse than no crypto," Graham Steel, cofounder and CEO of crypto software provider Cryptosense, told Ars. "Hopefully, DROWN will strengthen the general movement to eliminate weak crypto all over the Internet."
- Re: IETF mail server and SSLv3 Lixia Zhang
- Re: IETF mail server and SSLv3 John C Klensin
- Re: IETF mail server and SSLv3 John Levine
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Phillip Hallam-Baker
- IETF mail server and SSLv3 IETF Chair
- Re: IETF mail server and SSLv3 tom p.
- Re: IETF mail server and SSLv3 Phillip Hallam-Baker
- Re: IETF mail server and SSLv3 Jari Arkko
- Re: IETF mail server and SSLv3 Phillip Hallam-Baker
- Re: IETF mail server and SSLv3 Jari Arkko
- Re: IETF mail server and SSLv3 Derek Atkins
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 John C Klensin
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 ned+ietf
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 ned+ietf
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Phillip Hallam-Baker
- Re: IETF mail server and SSLv3 ned+ietf
- Re: IETF mail server and SSLv3 ned+ietf
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Phillip Hallam-Baker
- Re: IETF mail server and SSLv3 John C Klensin
- Re: IETF mail server and SSLv3 ned+ietf
- Re: IETF mail server and SSLv3 ned+ietf
- Re: IETF mail server and SSLv3 Lixia Zhang
- Re: IETF mail server and SSLv3 John C Klensin
- Re: IETF mail server and SSLv3 Martin Rex
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Solarus
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Solarus
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Martin Rex
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Russ Housley
- Re: IETF mail server and SSLv3 Randy Bush
- Re: IETF mail server and SSLv3 Stephen Farrell
- Re: IETF mail server and SSLv3 Phillip Hallam-Baker
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Doug Barton
- RE: IETF mail server and SSLv3 Christian Huitema