Re: [TLS] Comments/Questions on draft-gutmann-tls-encrypt-then-mac-00.txt

Ralph Holz <holz@net.in.tum.de> Wed, 25 September 2013 11:29 UTC

Return-Path: <holz@net.in.tum.de>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D9A721F9F7F for <tls@ietfa.amsl.com>; Wed, 25 Sep 2013 04:29:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.984
X-Spam-Level:
X-Spam-Status: No, score=-1.984 tagged_above=-999 required=5 tests=[AWL=0.265, BAYES_00=-2.599, HELO_EQ_DE=0.35]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OqgrL2SoFkwS for <tls@ietfa.amsl.com>; Wed, 25 Sep 2013 04:29:43 -0700 (PDT)
Received: from smtp.serverkommune.de (serverkommune.de [176.9.61.43]) by ietfa.amsl.com (Postfix) with ESMTP id 13E4221F9702 for <tls@ietf.org>; Wed, 25 Sep 2013 04:29:42 -0700 (PDT)
Received: by smtp.serverkommune.de (Postfix, from userid 5001) id 8E61A8099A; Wed, 25 Sep 2013 13:29:41 +0200 (CEST)
Received: from [131.159.20.131] (ex6.serverkommune.de [176.9.61.43]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.serverkommune.de (Postfix) with ESMTPSA id 4DB9F80989 for <tls@ietf.org>; Wed, 25 Sep 2013 13:29:39 +0200 (CEST)
Message-ID: <5242C95A.6080306@net.in.tum.de>
Date: Wed, 25 Sep 2013 13:30:34 +0200
From: Ralph Holz <holz@net.in.tum.de>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
MIME-Version: 1.0
To: tls@ietf.org
References: <9A043F3CF02CD34C8E74AC1594475C735567D321@uxcn10-6.UoA.auckland.ac.nz> <CADMpkcJtp-+P8CFn_K7uptXtorYom0ALdaUn6xB16JFZSHoBtg@mail.gmail.com>
In-Reply-To: <CADMpkcJtp-+P8CFn_K7uptXtorYom0ALdaUn6xB16JFZSHoBtg@mail.gmail.com>
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: clamav-milter 0.97.8 at ex6
X-Virus-Status: Clean
Subject: Re: [TLS] Comments/Questions on draft-gutmann-tls-encrypt-then-mac-00.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Sep 2013 11:29:47 -0000

Hi,

> While removing SSL 3.0 support entirely would avoid this kind of
> problem, SSL 3.0 is still sometimes required for interoperability. (Cf.
> the history of RFC 6187: http://tools.ietf.org/html/rfc6176)

We have some empirical data, albeit only for servers. In our most recent
IPv4-wide scan, only 3% of servers required us to downgrade to SSL 3 in
order to complete the handshake. All others were OK with TLS1.

Ralph

-- 
Ralph Holz
I8 - Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/
Phone +49.89.289.18043
PGP: A805 D19C E23E 6BBB E0C4  86DC 520E 0C83 69B0 03EF