Re: [saag] [TLS] Lessons learned from TLS 1.0 and TLS 1.1 deprecation

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Wed, 16 October 2019 13:40 UTC

From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, "hannes.tschofenig@gmx.net" <hannes.tschofenig@gmx.net>, "TLS@ietf.org" <TLS@ietf.org>, "saag@ietf.org" <saag@ietf.org>
Date: Wed, 16 Oct 2019 13:40:27 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/DG3y-0bl0hYMrEjMDESMRfOjAkg>

John, you reference RFC 7540 and I believe you wanted to refer to RFC 7925 instead.

RFC 7925 talks about the Extended Master Secret extension, Signature Algorithm extension, and
OCSP stapling.

Ciao
Hannes

-----Original Message-----
From: saag <saag-bounces@ietf.org> On Behalf Of John Mattsson
Sent: Saturday, 5 October 2019 12:36
To: hannes.tschofenig@gmx.net; TLS@ietf.org; saag@ietf.org
Subject: Re: [saag] [TLS] Lessons learned from TLS 1.0 and TLS 1.1 deprecation

"hannes.tschofenig@gmx.net" <hannes.tschofenig@gmx.net> wrote:

> PS: As Kathleen noted TLS 1.2 and DTLS 1.2 are perfectly fine if you follow RFC 7925/7525.

While TLS 1.2 and DTLS 1.2 can be configured to be secure, RFC 7525 is definitely not enough. RFC 7540 would be a good start, but also that would need to be extended with support of extensions like Extended Master Secret, Signature Algorithms, and Certificate Status Request to be considered fine in 2019.

Cheers,
John



