Re: [kitten] draft-kaduk-kitten-des-des-des-die-die-die-01.txt
tom p. <daedulus@btconnect.com> Fri, 07 April 2017 16:36 UTC
Return-Path: <daedulus@btconnect.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7D67129540 for <kitten@ietfa.amsl.com>; Fri, 7 Apr 2017 09:36:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.697
X-Spam-Level:
X-Spam-Status: No, score=-4.697 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.796, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=btconnect.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RkEgLmynPqQc for <kitten@ietfa.amsl.com>; Fri, 7 Apr 2017 09:36:46 -0700 (PDT)
Received: from EUR02-HE1-obe.outbound.protection.outlook.com (mail-eopbgr10091.outbound.protection.outlook.com [40.107.1.91]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 85426129519 for <kitten@ietf.org>; Fri, 7 Apr 2017 09:36:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btconnect.onmicrosoft.com; s=selector1-btconnect-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=GhSEqKLPExWLZrHQPYy2WLlg2WgAAsuAqSFMQMPOb3Q=; b=KnQ9A2X17SLFbvMql2y9sPdNNV7puAQUZpxGg2+qhp96PUvXAClMLIoNJOaCK6rd988qRQIKbL64NyspIeHYyMD/185C1M7tiy4d947jsep1mDAnMyOKgyhaB00YZJZwwRN9MKKXi7lf/Bjl5p7RW91EmyNB9dtA83+J9wWxNvU=
Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=daedulus@btconnect.com;
Received: from pc6 (86.169.157.161) by DB5PR07MB1560.eurprd07.prod.outlook.com (2a01:111:e400:5bc7::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1019.8; Fri, 7 Apr 2017 16:36:30 +0000
Message-ID: <005301d2afbc$d6124640$4001a8c0@gateway.2wire.net>
From: "tom p." <daedulus@btconnect.com>
To: Benjamin Kaduk <kaduk@mit.edu>
CC: kitten@ietf.org
References: <149089878562.15595.17069295528887995710@ietfa.amsl.com> <00f701d2ae23$6d83ac80$4001a8c0@gateway.2wire.net> <20170405155316.GN30306@kduck.kaduk.org>
Date: Fri, 07 Apr 2017 17:31:48 +0100
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
X-Originating-IP: [86.169.157.161]
X-ClientProxiedBy: DB6PR0301CA0021.eurprd03.prod.outlook.com (2603:10a6:4:3e::31) To DB5PR07MB1560.eurprd07.prod.outlook.com (2a01:111:e400:5bc7::10)
X-MS-Office365-Filtering-Correlation-Id: d1142920-e05a-40a3-5b71-08d47dd43ea7
X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(201703131423075)(201703031133081); SRVR:DB5PR07MB1560;
X-Microsoft-Exchange-Diagnostics: 1; DB5PR07MB1560; 3:BZKV/AbyFakUCcoTa+CyJICDBUhChB1iSfF3tuuqCsgRlxS3u/85vVdEs876AkzEKjVJ9pQiYzFLGqv4kabSXf1Iie9hStHhQHuFTjQ8//2PAHs5abEiBAMO9FCBweu4RXYrYri2ehXSBvPtKbJwB31LPJc061no+lhXwrz3L6T8cYuAO/Bpi61ELB8H0M4B+4fIaFMTDblDIOraqYLdInuas2ASa+U6Gl6pN3WZX+9t5+QpgbJSSOYWUW+T73snAeYu/sl29j1eH8j/A8LQW6t182v8kGn9RDSSUalYKp8oX5pBQvQdce7DrH81gtjbKBMEDb70MZ7PPpYyeMoD+w==; 25:qMfPERzUEi2Xj4VkfOERr7iSbEDOdxH3RTpWn1JxGB5j7QvP4HIXnBW5RdBvq4JHTEUR4yEy4SKqbHZdaIm54/UDP5jr8rqv5M1VIe7S5mnGqOtLIpJYVHgxr4PbZ9m8MyVlg+hNGOgw/jFHwN7iC9Y7H25LfKntlkAuKGHChGOWpULLGtj6yv+oHDhNjBmhoEtpsjgbH1q5EjI0/03piMyB1vS2uGTIO6Xeu65mu+QYtliWHIjSDH7YYD64ldGZj6ZNSAJzVQsX8xR/m4EivQuUFRpCwy/cU9JA3FVn0UISIURgJ9jNBBq7f7f5yxQ2B8hPRicCFV+yAp+rFfp/H5FIN+GImSo/USbryNbxGhRS0MG+5dgoZthyMy4qwt4co55Y7Ipwmr9kdrxrEUNBocojv7z/XjZJgkQgNZnzvla75Fl9Mmi0cl8qfKIPUF4Od2YENqnHSD0LQYWOaA5v2g==
X-Microsoft-Exchange-Diagnostics: 1; DB5PR07MB1560; 31:nwINIaXKDRg6y4KMzLHmtI/LPCsvpIkVPlsiGJDLYMkU2Huui+2nsoEgZqEa3q9lr3VYUOXD7Y0WUWVxHMZYXnlK4W1Ipk6y9PyARPhd1CoCa+711jCl5AEpRmOMXveNpB+ajpUqjb3aVOCBriQpJVFJzcfBm19Pj7krVl52oANNk3fnkziAS/gkT15+XocAUjUCPH3y9Y0Bv62GcY7ksLlu2it1qJ02jkgm3s0I0Ef4ua3DtJakFTf8VbtoOp1a8ts8+AcDlwU1u79dtkYKz6GWh/+tUH0BF/yXbBkIRk4=
X-Microsoft-Antispam-PRVS: <DB5PR07MB1560B693DE3B952693383203C60C0@DB5PR07MB1560.eurprd07.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:(178726229863574)(100405760836317);
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040450)(601004)(2401047)(8121501046)(5005006)(3002001)(93006095)(93001095)(10201501046)(6041248)(201703131423075)(201702281528075)(201703061421075)(20161123562025)(20161123555025)(20161123560025)(20161123564025)(6072148); SRVR:DB5PR07MB1560; BCL:0; PCL:0; RULEID:; SRVR:DB5PR07MB1560;
X-Microsoft-Exchange-Diagnostics: 1; DB5PR07MB1560; 4:xUplWhAUi4GyvSTFe3rZp8ggd6k6Z2Z4+Ly179jkwgE8aHMprKazFjNVvcWWeXoN3+GtURXu+rJieGW5id2yVfbnGF1qMBt6bzraMaPY4AVl0W8WVO5d7qMQF5W6ai59sx4q8tjvqdwovuXJipUEFRdOocrO85/ic+GO/UfgophmZ36+e29VJmAQgLCWWi9b2HXOLSQxmWd57HjRUeNnTEMPouOrNX4qt98KTQMCr/IOI6FuzpdJWCCEjhArG0wgVR/CkNS+USz2vVLtxcpJYUMHalrtLlaiA9xE+WsWbIPzVBfsIuBfCfcMdBiq5uwzJ+HSYIehrgpMnq+Dksl8vrOgnfJrhhXOyi+YAoqjmZqgDxJfCMDGEY0qjUboPwx5OWdHsSbBI/a6x6g9qI125FnkXOSjc+XY/L9Z+JeJ8jmmuuO1zWQoSWjGAb+vMRmyTqD0/kC3rLWvCZxO6QUce2mB5rOKUJSN3oNzGEd5BTrWIYdHM35SpvIObO6ZwRn1qTjWx2FSeUNIc9NJRh66/98kfacmZzt2c6pGDNIP9zjuQeRv+7EZ4UQmGg876ZbX3M1GBh3KoX27h8Cb9uCS+AUmnHrerGjWwbFDF+VQgvV81O2blKO8o3ifSrplDZMMUYSde8g6WXoBvbQtjAE5c91NtzF3RVnp6lu+ja0uDmZ+IUapM9uweX9phMnqytVaKvBLXIkerCyNfBB37+C7x3tWbBBXZ+BGVBnvu5XgIiNGcPkaG+D2ie0+SUrOf9CzNaQ3AjFJ6Y2SeOMWw8DfN7Vx6cdsiPWi7Kpaw5UPsJY=
X-Forefront-PRVS: 0270ED2845
X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(4630300001)(6009001)(39860400002)(39450400003)(39410400002)(39400400002)(39850400002)(39840400002)(189002)(13464003)(377454003)(24454002)(199003)(51444003)(6666003)(4720700003)(110136004)(23756003)(5660300001)(6916009)(38730400002)(42186005)(50466002)(1456003)(14496001)(61296003)(84392002)(4326008)(2906002)(6246003)(305945005)(7736002)(6496005)(1556002)(86362001)(2171002)(33646002)(3846002)(66066001)(6116002)(189998001)(81686999)(81816999)(50986999)(76176999)(47776003)(6486002)(230700001)(44736005)(53936002)(50226002)(8676002)(81166006)(229853002)(62236002)(230783001)(44716002)(9686003)(116806002)(25786009)(74416001)(7726001); DIR:OUT; SFP:1102; SCL:1; SRVR:DB5PR07MB1560; H:pc6; FPR:; SPF:None; MLV:nov; PTR:InfoNoRecords; MX:1; A:0; LANG:en;
Received-SPF: None (protection.outlook.com: btconnect.com does not designate permitted sender hosts)
X-Microsoft-Exchange-Diagnostics: 1; DB5PR07MB1560; 23:rXaej0bxpSpJHm0/nDf0GNV0AnnVWdzUfclJqmGbRqVxrpT0wG16DNuqFlKURNWjI19Bk+r7zY/teqfgm6+qa/6db8BRj6RXSv8HVXp9qDbeXStkz4SvdyKwfA8OzMZdjYONJ+dc3gQ5tiHCooZ6eoMjF8o/Vb393RK6xl6z/rpHNqq4cxNYzaGTtDexOE6zLQN3RuVx4QM5Vw+JICKN1Qr4bLpcKpOn1aZ0MQGtS0rfaw20YfZfvdGtM7AVL1LGdEdckOuITQvFH0IFVFH+yHYwyZvkSiESS27NFixmcpXhj67SlUFwqTWM1rx9sbqDtbLaPUS7vgHWU6qu4RdNyMd8TFwWY28uPQ7GjLB6Wfnr77G7ujZHN+xRZKSYKC90J1ViCpXeJOtzR60NE7MHPTgj9uQj/IZ3y5zBj99VAxR7ubVCecATTJxB79x3a+UrboVY01Keh7e0oiCRXhOSrML5UDOStlQJnUnrjD7YzF5mcgANBHXuO1qPySWgTnbGfbWJy/eJv5N/blsdFZtZRKXJm9LUuIU1vtjONsG4hiy0SA+lK3bI7ItMYVKFew74e3ALNkhblGWrZnXu0dVgtJikZZGtEFZnW8hNMDLPMdGpH2Kvl0/aBNGk1JUNjEK/8zgNvknSEcdCkG0UL66hAzk2x5i0INgfxBqG5igG68jCnZGYcDT6iQMw67HQxk90PRvjwDLocKllxnDPnbrxLKPq8uIuZ37cxMRuDa9hl2PFRvA3Q00mjVSybG6wGt0n5tDusem4IQ/CKnTc8AgxLokqrdi1RJRoKD6C8AyDAKC5A60SRhndiGggLO5G4kE0s9791ZixMyshyohO1smTnCfN5wv4mqCTztaG2FHCQX/ZpOfzWFAnpvOLNg8x6zwlxmH5fx2BXFxWw7xVAt06aqnsyzBCeKubcB8bYC921sjFcOo9cO+AMleAU9QAKLkYJ7WPjWX8ryhPATfVYoo1P+dBFIZ5er58/ZNETYgq+psRJxeTMB65peRvQqvG+b+j0Fu6m9pX9MhGzGUdJGHLtPSdqBnv0vNAk8T56Wi7/sVRyrp3SlmQwisxqi+f6Ot+p25BGCt4PO4aYBqBY13CZiE/gsW1ESbC7ud8IyB4NRIgSZKy8oCVKKhHfhe4hmYtahOIVfC/8kPSCK9NcDTezNPUtoam6aGhJDDAjhinQNwD9dY+SKWoL+VkTv6pmVOcKzTTtMu4pCvTAPMsQ4+YB4ykGfV4HwZCl1TR9PDTgpHMFA3Ju/8jOsnB/7R0Y3DBGAQCfPwUOYBN78OvLLC3HlH0wrZ4srrp/5E6qmi2r20sG4JoicN+0MTLnb6ukiAYbQbspUpZoFI15X7PVpn47EJw6X29pfYz/uHZ5AEOapLC13iV+/BoOIRFi3qoPlTCurNzIGwJZDpe697dD6HTla5izC8SN5pUsrsYF8LyRNu9e6fhPoJuEGmS8nwB6sHD
X-Microsoft-Exchange-Diagnostics: 1; DB5PR07MB1560; 6:s1FQqL8tNgkM0Q6gyweY7tLk8/zXffFH42lxh8kv3ejLGNINXSCR51HGgXhrKsMjrpGU4WJjy4LYf4JKEiZzleQJOQnviSsVDzl8tqVakxbKTC4/OyXRKu0J5h7tK7fmiqRoxQ6yFaOF5KbWYzyfgvAMSYErAHP8q3DDVGDbylRgnxtOUenGzsbmTWeNoQ4VNNOAi8bofb5XZTVH6YvwHnFlaWgMTAjgFgDUGMqBEI5TxZED2zU7XRRlS6Q5uNjopCcz/aKVSU0oetaG88k7K6IdU3uvXhxCNSrIgzytnWnJ0sAoJAjgWmTP7OSgSE8xDpbHvL4CnH+mMdv+0kBjeYagyjDsCSwudoTeyliCDSp+rHYojz773Vt8OIK6ljWsgZOYVUuz6lkIN6Ufy1rOcJW4XyJ4C8W0UXnbZYLiHvPuDnssg5nkiF/Mwp5aWnHPx1BYjcGqN+KB8AIxXs0FXg==; 5:tJpOSnW6E4FHTZiDgclqzjGCrSehDbHO0KS2rhSnyzSFxa3THsp0iSWQXcQZkuW2AYhI4AP4XNWf+4ndht6JVd73DUs1LXfwJkMCuUeBpnCalpzF/3XKz/p7a8K0+9n+28wqWUDlZUbSbmJho+12dQ==; 24:xiXoS/aZ330pgCfZ4VMluov4LszbR6+qvMyF6cUEaFq7il+btRgQthZBtZFei5dHmVHz4sfZjN/NIbsu8sGFchs9B5Z+nu4glw9Zl94HIE4=
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1; DB5PR07MB1560; 7:3ZDvca0goS/1lOue0UPcv6jIEotTCnGKoJkYEBdObnnZalEnZIOj/jN5EiC7jme6ngpwTY5rDnLcoL3n4iRke3C8yMuqX1Y+UDJ7vOYks+f68f9T2gnpnW2u+Qrj5r53QsJIJnxw+yfmXzio0pTVDJHuToMQmXuY7RazULg1eNh8Pybnoql70Jz1ulfVvNWNA0yJ1DHzf2FpQH6KzsN7f47rO4qHKBEp+ftV1Awr4+/ED9vcl9MsrvjlXVcesHcITxL4KkxBF64z/Sxxj+TmZETRZ5AX1jnchuOV/J5hJ+GPilq5le6wx2G/en+/QgNke5Nj7q4TVtevzVX2Q5yxZA==
X-OriginatorOrg: btconnect.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Apr 2017 16:36:30.1564 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB5PR07MB1560
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/ApTBigNDyFxwuY8NmA3Dyv9The0>
Subject: Re: [kitten] draft-kaduk-kitten-des-des-des-die-die-die-01.txt
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Apr 2017 16:36:49 -0000
----- Original Message ----- From: "Benjamin Kaduk" <kaduk@mit.edu> To: "tom p." <daedulus@btconnect.com> Cc: <kitten@ietf.org> Sent: Wednesday, April 05, 2017 4:53 PM > On Wed, Apr 05, 2017 at 04:43:46PM +0100, tom p. wrote: > > From the title, I was expecting an equivalent to RFC7465 but that is not > > what this is; I think it should be. Which WG is best placed to do this, > > I am easy about. > > I'm not sure I understand the question. You are interested in > prohibiting triple-DES cipher suites from use in TLS? That would > best be done in the TLS WG. > > This draft was given its name as a homage to RFC 6649, which AFAIK > was the first document to use that construction. Ah, I am not as well informed as you. I first came across the name of that form with RFC7465 and assumed that that was the one you were following. Having read RFC6649, I still think that RFC7465 is the way to do it. The Abstract of that RFC gives me very clear guidance as to what to do. This I-D I find less clear "The 3DES and RC4 encryption types are steadily weakening in cryptographic strength ..." leaves me wondering; would a dose of iron or vitamins restore their strength? Well, no:-) but I want clear guidance, not the evidence from which I have to work out my own conclusions. RFC7465 - wisely - avoids the word 'deprecate'; it tells users what to do, what the advice of those more expert in the field is. I have seen discussions on several lists as to what the word 'deprecate' means, with no consensus, no definition. We do now have a definition in leiba-cotton- -5226bis and since you are proposing to update IANA, then that is the definition you are going to get, like it or lump it, so if that is what you mean, you should have that as a Normative Reference; if not, then I think that you should avoid the word 'deprecate' as RFC7465 does. Tom Petch > -Ben