Re: [IPsec] revisiting 3DES and -graveyard
Robert Moskowitz <rgm-sec@htt-consult.com> Fri, 17 April 2020 23:08 UTC
Return-Path: <rgm-sec@htt-consult.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 280C33A0958 for <ipsec@ietfa.amsl.com>; Fri, 17 Apr 2020 16:08:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qT1r1RSPOk7R for <ipsec@ietfa.amsl.com>; Fri, 17 Apr 2020 16:08:14 -0700 (PDT)
Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 89DB23A0953 for <ipsec@ietf.org>; Fri, 17 Apr 2020 16:08:14 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 2D1376224B; Fri, 17 Apr 2020 19:08:13 -0400 (EDT)
X-Virus-Scanned: amavisd-new at htt-consult.com
Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id MEP-b4cGnYuU; Fri, 17 Apr 2020 19:08:05 -0400 (EDT)
Received: from lx140e.htt-consult.com (unknown [192.168.160.12]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id 5857B621F2; Fri, 17 Apr 2020 19:08:03 -0400 (EDT)
To: Tero Kivinen <kivinen@iki.fi>, Benjamin Kaduk <kaduk@mit.edu>
Cc: ipsec@ietf.org
References: <20200415021321.GI88064@mit.edu> <24215.701.417106.744293@fireball.acr.fi>
From: Robert Moskowitz <rgm-sec@htt-consult.com>
Message-ID: <ee364387-6866-abdb-dd0a-0d788aae74a3@htt-consult.com>
Date: Fri, 17 Apr 2020 19:07:47 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0
MIME-Version: 1.0
In-Reply-To: <24215.701.417106.744293@fireball.acr.fi>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/TXIDPFr6FGsTXOMnj0FrsuKQKlw>
Subject: Re: [IPsec] revisiting 3DES and -graveyard
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Apr 2020 23:08:16 -0000
Just as an aside thought about 3DES: perhaps you saw my questions to the CFRG list where I have exactly 64 bits to encrypt and no place for an IV or such. One of the serious suggestions WAS 3DES with 3 keys. For a number of reasons I am not offering that in the initial ID, rather AES-CFB16... But for only 64 bits to encrypt, 3DES is a consideration. Nah. (also it may change to exactly 96 bits to encrypt. They left out the UA Altitude and the FAA is not happy with that). Have a good weekend all! On 4/15/20 8:49 AM, Tero Kivinen wrote: > Benjamin Kaduk writes: >> I see in >> https://datatracker.ietf.org/meeting/104/materials/minutes-104-ipsecme-00 >> that we didn't want to get rid of 3DES at that time. Do we have a sense >> for how quickly that will change, the scope of existing deployments, etc.? > One of the problems is that we as an IETF give instructions to > implementors, not to users. If we change 3DES MUST NOT, then all > implementations out there who do implement 3DES, but where it is > disabled in configuration by default are no longer conformant to the > new RFC, as they do still implement 3DES. > > Anybody who puts 3DES in any of the new implementations or new > releases of the current implementations are going against the SHOULD > NOT in the current RFC. > > Meaning they most likely have some old legacy stuff they need to > support which only supports 3DES and thats why they want to keep 3DES > in their current releases as they want to be able to talk to those. > > I would wait bit more than 2.5 years before saying MUST NOT. > >> In particular, would a general-purpose OS's implementation cause problems >> for its consumers if the next release dropped support? (Noting that >> consumers could stay on an old OS release to match the old algorithms, at >> least for a while.) > Especially with consumers and general-purpose OS there is no option > for using old OS release anymore. Most of those will automatically > update to latest version, and there usually isn't any easy way to > downgrade back to previous version when issues are found.
- [IPsec] revisiting 3DES and -graveyard Benjamin Kaduk
- Re: [IPsec] revisiting 3DES and -graveyard Paul Wouters
- [IPsec] revisiting 3DES and -graveyard Tero Kivinen
- Re: [IPsec] revisiting 3DES and -graveyard Michael Richardson
- Re: [IPsec] revisiting 3DES and -graveyard Robert Moskowitz
- Re: [IPsec] revisiting 3DES and -graveyard Benjamin Kaduk
- Re: [IPsec] revisiting 3DES and -graveyard Michael Richardson
- Re: [IPsec] revisiting 3DES and -graveyard Dan Brown
- Re: [IPsec] revisiting 3DES and -graveyard Paul Wouters