Re: [saag] AD review of draft-iab-crypto-alg-agility-06

Martin Thomson <martin.thomson@gmail.com> Thu, 27 August 2015 20:50 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C71A1ACCE3 for <saag@ietfa.amsl.com>; Thu, 27 Aug 2015 13:50:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4T2ujxE0rZRv for <saag@ietfa.amsl.com>; Thu, 27 Aug 2015 13:50:49 -0700 (PDT)
Received: from mail-yk0-x230.google.com (mail-yk0-x230.google.com [IPv6:2607:f8b0:4002:c07::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4EB7C1A039A for <saag@ietf.org>; Thu, 27 Aug 2015 13:50:49 -0700 (PDT)
Received: by ykdt205 with SMTP id t205so33951947ykd.1 for <saag@ietf.org>; Thu, 27 Aug 2015 13:50:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=5LuTf+yLQBGXQwNdixf8No0RsytGCYDqK7VBUoaX8Dc=; b=W08ZK7Zu6ZM2fifXLOVtKGIb2B7V69/QBLLfSMVIV/15o+IXliKEvrXTr+OQRB5R44 qzRn5AAC8kmFG78TVRFoZ7yWioH1hznZ44ZCzzcD4B1Y1RXhXTadL+gfChOx1+xeyZzD j+RzEE/CRhPA3cMPG8IJimkgTl95ovpJ+4L1m5XWNNy4EzzFSPntD8BttlSlYg/p4Lgd ZwgWQzPbIMQlYh/0Wn5tqYhxLfdPJvjOjB2nZlxUy6vMoRMmIR0aYkBYAPH+fJQCmELz wBlC8VENzoj41SvyJ78SNLNBsaFVJJlUAGWRllURamOV5WS5ypM/fHBXBqeGq5kgAXCD hsHA==
MIME-Version: 1.0
X-Received: by 10.13.234.138 with SMTP id t132mr5488801ywe.89.1440708648736; Thu, 27 Aug 2015 13:50:48 -0700 (PDT)
Received: by 10.129.133.130 with HTTP; Thu, 27 Aug 2015 13:50:48 -0700 (PDT)
In-Reply-To: <CACsn0cnVAPWxwyjSTzBkEyTNipybATceLo7h9jntjFnwirKSmQ@mail.gmail.com>
References: <20150728053035.GR4347@mournblade.imrryr.org> <CAHbuEH7B3_G9vAhw=U2tuz-Uh8mKMUfL6s=H+BOG96FDZaACig@mail.gmail.com> <20150824212907.GN9021@mournblade.imrryr.org> <619ffebb05ba4e2a9af03a6dcc768d6e@ustx2ex-dag1mb2.msg.corp.akamai.com> <20150824215037.GO9021@mournblade.imrryr.org> <9A043F3CF02CD34C8E74AC1594475C73F4AE62A1@uxcn10-5.UoA.auckland.ac.nz> <20150825134333.GX9021@mournblade.imrryr.org> <6b5167f3d0684a8a91caa6d37dec65e3@ustx2ex-dag1mb2.msg.corp.akamai.com> <20150825160627.GH9021@mournblade.imrryr.org> <55DC961A.903@cs.tcd.ie> <20150826055240.GD13302@localhost> <55DD89F2.8050801@cs.tcd.ie> <CACsn0cnVAPWxwyjSTzBkEyTNipybATceLo7h9jntjFnwirKSmQ@mail.gmail.com>
Date: Thu, 27 Aug 2015 13:50:48 -0700
Message-ID: <CABkgnnUOs6CMFAaBfB6dHXdn+PKemsSaX_Yy-9cCBcNJq7jZrA@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Watson Ladd <watsonbladd@gmail.com>
Content-Type: text/plain; charset=UTF-8
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/ENuucvDPwGbJS4Gi78I82-_7MOs>
Cc: "saag@ietf.org" <saag@ietf.org>
Subject: Re: [saag] AD review of draft-iab-crypto-alg-agility-06
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2015 20:50:50 -0000

On 27 August 2015 at 13:37, Watson Ladd <watsonbladd@gmail.com>; wrote:
> At what point can we remove the code from OpenSSL? That's the endpoint
> we should be aiming for.

I expect this to progress roughly as follows (for Firefox, and in general):
1. announcement
2. disable, maybe with a way to manually override
3. disable with no override
4. disable this on the last of the servers
5. remove from the library

You are asking about step 5, which is important, but some of the
intermediate steps have a non-trivial benefit too.

The reason for step 4 is a little ugly.  We run openssl on our
download servers.  We want to offer Firefox downloads to users who
have old and busted browsers.  That means we need to be a little more
promiscuous on those servers than we might otherwise want to be.  That
means that we also don't do anything much of importance on those same
servers.

We want security updates too, so we want new versions of openssl that
will support us.  That means that openssl will likely support old and
crufty stuff for longer than you might think.

We still haven't disabled SSLv2 in NSS, but that's laziness.  The
reason will still have SSLv3 in NSS is in part due to step 4.