From nobody Mon Dec 13 07:43:25 2021
Return-Path: <steffen.fries@siemens.com>
X-Original-To: syslog@ietfa.amsl.com
Delivered-To: syslog@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
 by ietfa.amsl.com (Postfix) with ESMTP id 44F8E3A0657
 for <syslog@ietfa.amsl.com>; Mon, 13 Dec 2021 07:43:23 -0800 (PST)
Received: from mail.ietf.org ([4.31.198.44])
 by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id SRLEHjo3FEBh for <syslog@ietfa.amsl.com>;
 Mon, 13 Dec 2021 07:43:17 -0800 (PST)
Received: from EUR05-AM6-obe.outbound.protection.outlook.com
 (mail-am6eur05on2043.outbound.protection.outlook.com [40.107.22.43])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ietfa.amsl.com (Postfix) with ESMTPS id 32E7C3A076F
 for <syslog@ietf.org>; Mon, 13 Dec 2021 07:43:17 -0800 (PST)
Received: from DU0PR10MB5196.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:348::20)
 by DU0PR10MB5265.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:349::9) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4755.21; Mon, 13 Dec
 2021 15:43:14 +0000
Received: from DU0PR10MB5196.EURPRD10.PROD.OUTLOOK.COM
 ([fe80::188d:b1dc:19e:19eb]) by DU0PR10MB5196.EURPRD10.PROD.OUTLOOK.COM
 ([fe80::188d:b1dc:19e:19eb%6]) with mapi id 15.20.4734.024; Mon, 13 Dec 2021
 15:43:14 +0000
From: "Fries, Steffen" <steffen.fries@siemens.com>
To: "syslog@ietf.org" <syslog@ietf.org>
Thread-Topic: [Syslog] Fwd: I-D Action: draft-ciphersuites-in-sec-syslog-00.txt
Thread-Index: AdfwMnGFL5jqDuLGRheneFagy7BFBw==
Date: Mon, 13 Dec 2021 15:43:13 +0000
Message-ID: <DU0PR10MB5196F3E0D89512D564AFEB25F3749@DU0PR10MB5196.EURPRD10.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
Content-Type: multipart/alternative;
 boundary="_000_DU0PR10MB5196F3E0D89512D564AFEB25F3749DU0PR10MB5196EURP_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/syslog/F8yeJTGp2zeun6dB7Xl3_fdNKgQ>
Subject: [Syslog] Fwd: I-D Action: draft-ciphersuites-in-sec-syslog-00.txt
X-BeenThere: syslog@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Issues in Network Event Logging <syslog.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/syslog>,
 <mailto:syslog-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/syslog/>
List-Post: <mailto:syslog@ietf.org>
List-Help: <mailto:syslog-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/syslog>,
 <mailto:syslog-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Dec 2021 15:43:23 -0000

--_000_DU0PR10MB5196F3E0D89512D564AFEB25F3749DU0PR10MB5196EURP_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi all,


Sorry for jumping in late into the discussion. First of all, thank you Chris for the prompt reaction updating the two related RFCs. Also thanks for the acknowledgements.
Just as a side note, we (IEC TC57 WG15) had a similar discussion with the RADEXT WG a while ago as we use the RADSEC RFC 6614 in WG 15 as well and were unsure if we can utilize a stronger cipher suite than stated in the RFC and still use the port specified in the RFC. RFC 6614 has not been updated, yet.

Chris, I understand the hesitation about key strength. I think there are other documents available like from NIST or the German BSI, which provide recommendations. So leaving it to the actual operational environment or a domain-specific standard would also be fine from my point of view.

Tom, I think you are right about the reference to RFC 8446 regarding DTLS 1.0. Maybe it would be sufficient to simply reference this RFC as a reminder that the deprecation of DTLS 1.0 has already been done. Then it would be sufficient to only state the updated mandatory to implement cipher suite.


Regarding the draft I have some smaller comments:

  *   Section 4/5 mentions cipher suites, which must not be offered.
     *   Stating just one cipher suite seems incomplete and may also change over time. Or was the reason that it was explicitly requested in the original RFC? Would it be better to provide a recommendation that the cipher suites listed under IANA: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4 with the recommendation SHOULD not be used? There is a similar kind of statement for the cipher suites used in TLS 1.3.
     *   A proposal for section 4 would be to replace

Implementations of [RFC5425] MUST NOT offer TLS_RSA_WITH_AES_128_CBC_SHA.  The mandatory to implement cipher suite is REQUIRED to be TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.

With:

While [RFC5425] required mandatory support for TLS_RSA_WITH_AES_128_CBC_SHA, this document deprecates this cipher suite. Moreover, implementers are pointed to the IETF recommendation for cipher suites under IANA: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4. The mandatory to implement cipher suite is REQUIRED to be TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.

     *   Likewise a proposal for section 5 would be to replace

Implementations of [RFC6012] MUST NOT offer TLS_RSA_WITH_AES_128_CBC_SHA.  The mandatory to implement cipher suite is REQUIRED to be TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.

With:

While [RFC6012] required mandatory support for TLS_RSA_WITH_AES_128_CBC_SHA, this document deprecates this cipher suite. Moreover, implementers are pointed to the IETF recommendation for cipher suites under IANA: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4. The mandatory to implement cipher suite is REQUIRED to be TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.

     *   The reason for deprecation instead of disallowing (MUST NOT) is to let it be a security policy decision of an operator to allow migration towards stronger crypto or to support legacy servers with new clients without violating the updated RFC. This would also align with the text in the security consideration section.
  *   Section 4/5 now includes (D)TLS 1.3 optionally, which is good. Regarding 0-RTT, I would share your opinion. In WG15 we also do not allow 0-RTT to always use fresh keys.

Please let me know what you think about it.

Best regards
Steffen





On Sat, Dec 11, 2021 at 12:44:53PM +0000, tom petch wrote:
>
> ________________________________________
> From: Syslog <syslog-bounces@ietf.org> on behalf of Chris Lonvick <lonvick.ietf@gmail.com>
> Sent: 10 December 2021 23:27
> To: syslog@ietf.org; sean@sn3rd.com; Joe Salowey; Arijit Bose
> Subject: [Syslog] Fwd: I-D Action: draft-ciphersuites-in-sec-syslog-00.txt
>
> Hi Folks,
>
> As Tom and Jurgen noted, Arijit Kumar Bose did send some notes to the Syslog mailing list. By the time I had snapped to, the system had timed most of them out. I finally got that last one approved and forwarded to the mailing list.
>
> Arijit (and the IEC WG15) rightly notes that the RFCs are using deprecated cipher suites and the DTLS RFC is using a deprecated version.
>
> <tp>
>
> Chris et al
>
> This is flawed. The use of DTLS1.0 was noted by a security AD a long time ago and is now deprecated and the syslog RFCs have been updated accordingly so anyone saying that syslog uses a deprecated version is wrong; they need to understand the IETF process.
>
> I tracked the work on the TLS list and even posted to that list the fact that the syslog RFCs were missing. I was ignored so I tried again at IETF Last Call and this time got them included (Ignoring me does not make me give up:-)
>
> So your I-D needs to reflect the existing update. Reinventing the wheel will likely cause confusion amongst subsequent ADs.
>
> Tom Petch
>
> Sean, Joe, and I worked out a -00 draft to address these issues. Like all -00 IDs, it's open to comments. :-) We know that there are some larger efforts underway to address TLS, DTLS and cipher suites. We're not going to try to do that here. Rather, we'd like to update RFCs 5425 and 6012 to get them compliant with current standards with a minimal impact to current implementations.
>
> Sean is going to run this by the secdispatch group to see if they can make a recommendation on where this may be best addressed and discussed. I'm sure that we'll get some good input from the group here on the Syslog mail list, so please send in your comments and let's get these two RFCs updated to using current best practices.
>
> Best regards and have a great weekend,
> Chris
>
> -------- Forwarded Message --------
> Subject: I-D Action: draft-ciphersuites-in-sec-syslog-00.txt
> Date: Fri, 10 Dec 2021 14:57:44 -0800
> From: internet-drafts@ietf.org
> Reply-To: internet-drafts@ietf.org
> To: i-d-announce@ietf.org
>
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>
> Title : Updates to the Cipher Suites in Secure Syslog
> Authors : Chris Lonvick
>           Sean Turner
>           Joe Salowey
> Filename : draft-ciphersuites-in-sec-syslog-00.txt
> Pages : 8
> Date : 2021-12-10
>
> Abstract:
> This document updates the cipher suites in RFC 5425, Transport Layer
> Security (TLS) Transport Mapping for Syslog, and RFC 6012, Datagram
> Transport Layer Security (DTLS) Transport Mapping for Syslog. It
> also updates the transport protocol in RFC 6012.
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ciphersuites-in-sec-syslog/
>
> There is also an HTML version available at:
> https://www.ietf.org/archive/id/draft-ciphersuites-in-sec-syslog-00.html
>
> Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
>
> _______________________________________________
> I-D-Announce mailing list
> I-D-Announce@ietf.org
> https://www.ietf.org/mailman/listinfo/i-d-announce
> Internet-Draft directories: http://www.ietf.org/shadow.html
> or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
>
> _______________________________________________
> Syslog mailing list
> Syslog@ietf.org
> https://www.ietf.org/mailman/listinfo/syslog



--
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         https://www.jacobs-university.de/
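
The difference between the draft's MUST NOT wording and the deprecation wording proposed in the message above, shown on a ClientHello cipher_suites vector; this is an added example, not part of the original e-mail or of the draft. The code points are the IANA registry values for the suites named in the message; the function names, the two wording labels, the one-suite server preference list and the sample vectors are assumptions made for illustration.

```python
import struct
from typing import Optional

OLD_MTI = 0x002F  # TLS_RSA_WITH_AES_128_CBC_SHA (old mandatory suite)
NEW_MTI = 0xC02F  # TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (updated mandatory suite)
NAMES = {
    OLD_MTI: "TLS_RSA_WITH_AES_128_CBC_SHA",
    NEW_MTI: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0x1301: "TLS_AES_128_GCM_SHA256",  # a TLS 1.3 suite, listed only for display
}


def parse_cipher_suites(vector: bytes) -> list:
    """Decode cipher_suites<2..2^16-2>: 2-byte length, then 2-byte code points."""
    if len(vector) < 4:
        raise ValueError("cipher_suites vector too short")
    (length,) = struct.unpack("!H", vector[:2])
    body = vector[2:]
    if length != len(body) or length % 2:
        raise ValueError("length field does not match the data")
    return [code for (code,) in struct.iter_unpack("!H", body)]


def name(code: int) -> str:
    return NAMES.get(code, "0x%04X" % code)


def select_suite(offered: list, legacy_enabled: bool) -> Optional[int]:
    """Simplified server choice: new suite first, old suite only as last resort.
    A real stack also negotiates the protocol version and many more suites."""
    preference = [NEW_MTI] + ([OLD_MTI] if legacy_enabled else [])
    for code in preference:
        if code in offered:
            return code
    return None


def assess(vector: bytes, wording: str, allow_legacy: bool = False) -> dict:
    """Evaluate one ClientHello under a wording.

    wording="draft-00": implementations MUST NOT offer the old suite, so the
    operator switch cannot conformantly enable it.
    wording="proposed": the old suite is deprecated; allow_legacy is the
    operator's security policy decision.
    """
    if wording not in ("draft-00", "proposed"):
        raise ValueError("unknown wording")
    offered = parse_cipher_suites(vector)
    offers_old = OLD_MTI in offered
    legacy_enabled = wording == "proposed" and allow_legacy
    selected = select_suite(offered, legacy_enabled)
    return {
        "offered": [name(c) for c in offered],
        "conforms": not (wording == "draft-00" and offers_old),
        "deprecated_offered": offers_old,
        "selected": name(selected) if selected is not None else None,
    }


# Constructed sample vectors (not captured traffic).
MIGRATING_CLIENT = bytes.fromhex("0006" "1301" "c02f" "002f")
LEGACY_ONLY_CLIENT = bytes.fromhex("0002" "002f")

if __name__ == "__main__":
    for label, vec in (("migrating", MIGRATING_CLIENT), ("legacy-only", LEGACY_ONLY_CLIENT)):
        for wording, legacy in (("draft-00", False), ("proposed", False), ("proposed", True)):
            print(label, wording, "allow_legacy=%s" % legacy, assess(vec, wording, legacy))
```

A peer that offers both suites always ends up on the new suite; only the legacy-only peer is affected by the choice of wording and by the operator switch.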


--_000_DU0PR10MB5196F3E0D89512D564AFEB25F3749DU0PR10MB5196EURP_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)">
</head>
<body lang=3D"EN-US" link=3D"#0563C1" vlink=3D"#954F72" style=3D"word-wrap:=
break-word">
<div class=3D"WordSection1">
<pre>Hi all,<o:p></o:p></pre>
<pre><o:p>&nbsp;</o:p></pre>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Courier New&quot;">=
Sorry for jumping in late into the discussion. First of all, thank you Chri=
s for the prompt reaction updating the two related RFCs. Also thanks for th=
e acknowledgements.
<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Courier New&quot;">=
Just as a side note, we (IEC TC57 WG15) had a similar discussion with the R=
ADEXT WG a while ago as we use the RADSEC RFC 6614 in WG 15 as well and wer=
e unsure if we can utilize a stronger cipher suite
 than stated in the RFC and still use the port specified in the RFC. RFC 66=
14 has not been updated, yet.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Courier New&quot;">=
<o:p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Courier New&quot;">=
Chris, I understand the hesitation about key strength. I think there are ot=
her documents available like from NIST or the German BSI, which provide rec=
ommendations. So leaving it to the actual operational
 environment or a domain specific standard would also be fine from my point=
 of view.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Courier New&quot;">=
<o:p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Courier New&quot;">=
Tom, I think you are right about the reference to RFC 8446 regarding DTLS 1=
.0. Maybe it would sufficient to simply reference this RFC as reminder, tha=
t the deprecation of DTLS 1.0 has already been
 done. That it would be sufficient to only state the updated mandatory to i=
mplement cipher suite.
<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Courier New&quot;">=
&nbsp;<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Courier New&quot;">=
<o:p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Courier New&quot;">=
Regarding the draft I have some smaller comments:<o:p></o:p></span></p>
<ul style=3D"margin-top:0cm" type=3D"disc">
<li class=3D"MsoListParagraph" style=3D"margin-left:0cm;mso-list:l0 level1 =
lfo1"><span style=3D"font-family:&quot;Courier New&quot;">Section 4/5 menti=
ons cipher suites, which must not be offered.
<o:p></o:p></span></li><ul style=3D"margin-top:0cm" type=3D"circle">
<li class=3D"MsoListParagraph" style=3D"margin-left:0cm;mso-list:l0 level2 =
lfo1"><span style=3D"font-family:&quot;Courier New&quot;">Stating just one =
cipher suite seems incomplete and may also change over time. &nbsp;Or was t=
he reason that it was explicitly requested in the original
 RFC? Would it be better to provide a recommendation that the cipher suites=
 listed under IANA:
<a href=3D"https://www.iana.org/assignments/tls-parameters/tls-parameters.x=
html#tls-parameters-4">
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-pa=
rameters-4</a><span style=3D"color:black"> with the recommendation SHOULD n=
ot be used? There is a similar kind of statement for the cipher suites used=
 in TLS 1.3.
</span><o:p></o:p></span></li><li class=3D"MsoListParagraph" style=3D"margi=
n-left:0cm;mso-list:l0 level2 lfo1"><span style=3D"font-family:&quot;Courie=
r New&quot;;color:black">A proposal for section 4 would be to replace
</span><span style=3D"font-family:&quot;Courier New&quot;"><o:p></o:p></spa=
n></li></ul>
</ul>
<p class=3D"MsoListParagraph" style=3D"margin-left:108.0pt"><span style=3D"=
font-family:&quot;Courier New&quot;">Implementations of [RFC5425] MUST NOT =
offer TLS_RSA_WITH_AES_128_CBC_SHA.&nbsp; The mandatory to implement cipher=
 suite is REQUIRED to be TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.<o:p></o:p><=
/span></p>
<p class=3D"MsoListParagraph" style=3D"margin-left:72.0pt"><span style=3D"f=
ont-family:&quot;Courier New&quot;">With:<o:p></o:p></span></p>
<p class=3D"MsoListParagraph" style=3D"margin-left:108.0pt"><span style=3D"=
font-family:&quot;Courier New&quot;;color:black">While [RFC5425] required m=
andatory support for TLS_RSA_WITH_AES_128_CBC_SHA, this document deprecates=
 this cipher suite. Moreover, implementers are pointed
 to the IETF recommendation for cipher suites under </span><span style=3D"f=
ont-family:&quot;Courier New&quot;">IANA:
<a href=3D"https://www.iana.org/assignments/tls-parameters/tls-parameters.x=
html#tls-parameters-4">
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-pa=
rameters-4</a>. The mandatory to implement cipher&nbsp; suite is REQUIRED t=
o be TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.<o:p></o:p></span></p>
<ul style=3D"margin-top:0cm" type=3D"disc">
<ul style=3D"margin-top:0cm" type=3D"circle">
<li class=3D"MsoListParagraph" style=3D"margin-left:0cm;mso-list:l0 level2 =
lfo1"><span style=3D"font-family:&quot;Courier New&quot;;color:black">Likew=
ise a proposal for section 5 would be to replace
</span><span style=3D"font-family:&quot;Courier New&quot;"><o:p></o:p></spa=
n></li></ul>
</ul>
<p class=3D"MsoListParagraph" style=3D"margin-left:108.0pt"><span style=3D"=
font-family:&quot;Courier New&quot;">Implementations of [RFC6012] MUST NOT =
offer TLS_RSA_WITH_AES_128_CBC_SHA.&nbsp; The mandatory to implement cipher=
 suite is REQUIRED to be TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.<o:p></o:p><=
/span></p>
<p class=3D"MsoListParagraph" style=3D"margin-left:72.0pt"><span style=3D"f=
ont-family:&quot;Courier New&quot;">With:<o:p></o:p></span></p>
<p class=3D"MsoListParagraph" style=3D"margin-left:108.0pt"><span style=3D"=
font-family:&quot;Courier New&quot;;color:black">While [RFC6012] required m=
andatory support for TLS_RSA_WITH_AES_128_CBC_SHA, this document deprecates=
 this cipher suite. Moreover, implementers are pointed
 to the IETF recommendation for cipher suites under </span><span style=3D"f=
ont-family:&quot;Courier New&quot;">IANA:
<a href=3D"https://www.iana.org/assignments/tls-parameters/tls-parameters.x=
html#tls-parameters-4">
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-pa=
rameters-4</a>. The mandatory to implement cipher&nbsp; suite is REQUIRED t=
o be TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.<o:p></o:p></span></p>
<ul style=3D"margin-top:0cm" type=3D"disc">
<ul style=3D"margin-top:0cm" type=3D"circle">
<li class=3D"MsoListParagraph" style=3D"margin-left:0cm;mso-list:l0 level2 =
lfo1"><span style=3D"font-family:&quot;Courier New&quot;">The reason for de=
precation instead of disallowing (MUST NOT) is to let it a security policy =
decision of an operator to allow migration towards
 stronger crypto or to support legacy servers with new clients without viol=
ating the updated RFC. This would also align with the text in the security =
consideration section.
<o:p></o:p></span></li></ul>
<li class=3D"MsoListParagraph" style=3D"margin-left:0cm;mso-list:l0 level1 =
lfo1"><span style=3D"font-family:&quot;Courier New&quot;;color:black">Secti=
on 4/5 now includes (D)TLS 1.3 optionally, which is good. Regarding 0-RTT, =
I would share your opinion. In WG15 we also do not
 allow 0-RTT to always use fresh keys. </span><span style=3D"font-family:&q=
uot;Courier New&quot;"><o:p></o:p></span></li></ul>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Courier New&quot;">=
<o:p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Courier New&quot;">=
Please let me know, what you think about it.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Courier New&quot;">=
<o:p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Courier New&quot;">=
Best regards<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-family:&quot;Courier New&quot;">=
Steffen<o:p></o:p></span></p>
<pre><o:p>&nbsp;</o:p></pre>
<pre><o:p>&nbsp;</o:p></pre>
<pre>On Sat, Dec 11, 2021 at 12:44:53PM +0000, tom petch wrote:<o:p></o:p><=
/pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; ________________________________________<o:p></o:p></pre>
<pre>&gt; From: Syslog <a href=3D"mailto:&amp;lt;syslog-bounces@ietf.org&am=
p;gt;">&lt;syslog-bounces@ietf.org&gt;</a> on behalf of Chris Lonvick <a hr=
ef=3D"mailto:&amp;lt;lonvick.ietf@gmail.com&amp;gt;">&lt;lonvick.ietf@gmail=
.com&gt;</a><o:p></o:p></pre>
<pre>&gt; Sent: 10 December 2021 23:27<o:p></o:p></pre>
<pre>&gt; To: <a href=3D"mailto:syslog@ietf.org">syslog@ietf.org</a>; <a hr=
ef=3D"mailto:sean@sn3rd.com">sean@sn3rd.com</a>; Joe Salowey; Arijit Bose<o=
:p></o:p></pre>
<pre>&gt; Subject: [Syslog] Fwd: I-D Action: draft-ciphersuites-in-sec-sysl=
og-00.txt<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; Hi Folks,<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; As Tom and Jurgen noted, Arijit Kumar Bose did send some notes to=
 the Syslog mailing list. By the time I had snapped to, the system had time=
d most of them out. I finally got that last one approved and forwarded to t=
he mailing list.<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; Arijit (and the IEC WG15) rightly notes that the RFCs are using =
deprecated cipher suites and the DTLS RFC is using a deprecated version.<o=
:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; &lt;tp&gt;<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; Chris et al<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; This is flawed.&nbsp; The use of DTLS1.0 was noted by a security =
AD a long time ago and is now deprecated and the syslog RFCs have been=
 updated accordingly so anyone saying that syslog uses a deprecated version=
 is wrong; they need to understand the IETF process.<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; I tracked the work on the TLS list and even posted to that list t=
he fact that the syslog RFCs were missing.&nbsp; I was ignored so I tried a=
gain at IETF Last Call and this time got them included (Ignoring me does no=
t make me give up:-)<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; So your I-D needs to reflect the existing update.&nbsp; Reinventi=
ng the wheel will likely cause confusion amongst subsequent ADs.<o:p></o:p>=
</pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; Tom Petch<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; Sean, Joe, and I worked out a -00 draft to address these issues. =
Like all -00 IDs, it's open to comments. :-) We know that there are some la=
rger efforts underway to address TLS, DTLS and cipher suites. We're not goi=
ng to try to do that here. Rather, we'd like to update RFCs 5425 and 6012 t=
o get them compliant with current standards with a minimal impact to curren=
t implementations.<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; Sean is going to run this by the secdispatch group to see if they=
 can make a recommendation on where this may be best addressed and discusse=
d. I'm sure that we'll get some good input from the group here on the Syslo=
g mail list, so please send in your comments and let's get these two RFCs u=
pdated to using current best practices.<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; Best regards and have a great weekend,<o:p></o:p></pre>
<pre>&gt; Chris<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; -------- Forwarded Message --------<o:p></o:p></pre>
<pre>&gt; Subject:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; I-D Action: dr=
aft-ciphersuites-in-sec-syslog-00.txt<o:p></o:p></pre>
<pre>&gt; Date:&nbsp;&nbsp; Fri, 10 Dec 2021 14:57:44 -0800<o:p></o:p></pre=
>
<pre>&gt; From:&nbsp;&nbsp; <a href=3D"mailto:internet-drafts@ietf.org%3cma=
ilto:internet-drafts@ietf.org">internet-drafts@ietf.org&lt;mailto:internet-=
drafts@ietf.org</a>&gt;<o:p></o:p></pre>
<pre>&gt; Reply-To:&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;<a href=3D"mailto:i=
nternet-drafts@ietf.org%3cmailto:internet-drafts@ietf.org">internet-drafts@=
ietf.org&lt;mailto:internet-drafts@ietf.org</a>&gt;<o:p></o:p></pre>
<pre>&gt; To:&nbsp;&nbsp;&nbsp;&nbsp; <a href=3D"mailto:i-d-announce@ietf.o=
rg%3cmailto:i-d-announce@ietf.org">i-d-announce@ietf.org&lt;mailto:i-d-anno=
unce@ietf.org</a>&gt;<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; A New Internet-Draft is available from the on-line Internet-Draft=
s directories.<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; Title : Updates to the Cipher Suites in Secure Syslog<o:p></o:p><=
/pre>
<pre>&gt; Authors : Chris Lonvick<o:p></o:p></pre>
<pre>&gt; Sean Turner<o:p></o:p></pre>
<pre>&gt; Joe Salowey<o:p></o:p></pre>
<pre>&gt; Filename : draft-ciphersuites-in-sec-syslog-00.txt<o:p></o:p></pr=
e>
<pre>&gt; Pages : 8<o:p></o:p></pre>
<pre>&gt; Date : 2021-12-10<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; Abstract:<o:p></o:p></pre>
<pre>&gt; This document updates the cipher suites in RFC 5425, Transport La=
yer<o:p></o:p></pre>
<pre>&gt; Security (TLS) Transport Mapping for Syslog, and RFC 6012, Datagr=
am<o:p></o:p></pre>
<pre>&gt; Transport Layer Security (DTLS) Transport Mapping for Syslog. It<=
o:p></o:p></pre>
<pre>&gt; also updates the transport protocol in RFC 6012.<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; The IETF datatracker status page for this draft is:<o:p></o:p></p=
re>
<pre>&gt; <a href=3D"https://datatracker.ietf.org/doc/draft-ciphersuites-in=
-sec-syslog/">https://datatracker.ietf.org/doc/draft-ciphersuites-in-sec-sy=
slog/</a><o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; There is also an HTML version available at:<o:p></o:p></pre>
<pre>&gt; <a href=3D"https://www.ietf.org/archive/id/draft-ciphersuites-in-=
sec-syslog-00.html">https://www.ietf.org/archive/id/draft-ciphersuites-in-s=
ec-syslog-00.html</a><o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; Internet-Drafts are also available by rsync at rsync.ietf.org::in=
ternet-drafts<o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre>&gt; <o:p></o:p></pre>
<pre><o:p>&nbsp;</o:p></pre>
<pre>-- <o:p></o:p></pre>
<pre>Juergen Schoenwaelder&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp; Jacobs University Bremen gGmbH<o:p></o:p></pre>
<pre>Phone: +49 421 200 3587&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
; Campus Ring 1 | 28759 Bremen | Germany<o:p></o:p></pre>
<pre>Fax:&nbsp;&nbsp; +49 421 200 3103&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp; <a href=3D"https://www.jacobs-university.de/">https://www.jacob=
s-university.de/</a><o:p></o:p></pre>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
</body>
</html>

--_000_DU0PR10MB5196F3E0D89512D564AFEB25F3749DU0PR10MB5196EURP_--

