Re: [TLS] I-D Action: draft-ietf-tls-negotiated-ff-dhe-10.txt

"Dave Kern" <dskern@us.ibm.com> Wed, 03 June 2015 20:04 UTC

From: "Dave Kern" <dskern@us.ibm.com>
To: tls@ietf.org
Date: Wed, 3 Jun 2015 20:04:23 +0000
Message-Id: <OF7FB0DC7C.A8DC96F7-ON00257E59.00680793-00257E59.006E4417@notes.scniris.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/0e_Uz6EJZBItDV7q6RaZHF2JCkk>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-negotiated-ff-dhe-10.txt

>
> Please show me an HTTPS server I can point my DHE-enabled Java 6 and 7
> clients at and have them successfully negotiate a TLS session. I dare you.
>
 
I'll rise to the bait. Point your Java client at any current IBM Domino server that is configured according to the current recommendations:
 
 
The only DHE cipher supported by Java 6 and 7 is TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033), so as long as that one cipher is not enabled Java 6 and 7 will end up with something they can handle, such as TLS_RSA_WITH_AES_128_CBC_SHA (0x002F) and modern clients will end up with something stronger.
 
We also have changes in the current development stream to prioritize 0x0033 below 0x002F as the last of the AES ciphers -- submitted post-Logjam -- and to always use a 1024-bit DH group with 0x0033 instead of the default or configured stronger DH group -- submitted pre-Logjam but left in place because being potentially vulnerable to Three Letter Agencies is still better than failing the handshake and transmitting data in the clear.
 
Servers *can* provide strong DHE groups to modern browsers and avoid loss of compatibility with Java 6 and 7, and it's not even very much work to do so.
 
Hope that helps,
 
dave
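The cipher-ordering argument in the message above can be checked with a small model of server-preference suite selection. The following is an added example written for this archive page; it is not Domino code and not part of the thread. The client offer lists, the 1024-bit DH ceiling for the Java 6/7 client, and the three server policies are constructed to match the message's description (0x0033 disabled; 0x0033 enabled above 0x002F with a 2048-bit group; the development-stream rule that orders 0x0033 below 0x002F and pins it to a 1024-bit group). The cipher-suite code points are the IANA-assigned values.

```python
"""Model of server-preference TLS cipher-suite selection (added example).

Shows why disabling 0x0033, or ordering it below 0x002F, lets Java 6/7
clients complete a handshake while modern clients still get strong
(EC)DHE suites.  All client/server lists here are constructed samples.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional

# IANA cipher-suite code points (real values).
DHE_RSA_AES128_SHA = 0x0033     # TLS_DHE_RSA_WITH_AES_128_CBC_SHA
RSA_AES128_SHA = 0x002F         # TLS_RSA_WITH_AES_128_CBC_SHA
RSA_3DES_SHA = 0x000A           # TLS_RSA_WITH_3DES_EDE_CBC_SHA
DHE_RSA_AES256_GCM = 0x009F     # TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
ECDHE_RSA_AES128_GCM = 0xC02F   # TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
ECDHE_RSA_AES256_GCM = 0xC030   # TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

# Suites whose key exchange is finite-field DHE (group size matters).
DHE_SUITES = {DHE_RSA_AES128_SHA, DHE_RSA_AES256_GCM}


@dataclass
class ServerPolicy:
    preference: List[int]              # enabled suites, in server preference order
    dh_bits: int                       # configured DH group size for DHE suites
    pin_0x0033_to_1024: bool = False   # the dev-stream rule described in the message


@dataclass
class Client:
    name: str
    offered: List[int]                 # ClientHello cipher_suites, client order
    max_dh_bits: Optional[int] = None  # largest DH prime the client accepts (None = any)


@dataclass
class Outcome:
    suite: Optional[int]
    dh_bits: Optional[int]
    ok: bool
    reason: str


def negotiate(server: ServerPolicy, client: Client) -> Outcome:
    """Pick the first server-preferred suite the client offers, then apply
    the DH-group policy and check whether the client can handle the group."""
    suite = next((s for s in server.preference if s in client.offered), None)
    if suite is None:
        return Outcome(None, None, False, "no common cipher suite")
    if suite not in DHE_SUITES:
        return Outcome(suite, None, True, "non-DHE suite, no group negotiated")
    if server.pin_0x0033_to_1024 and suite == DHE_RSA_AES128_SHA:
        bits = 1024                    # constructed modelling of the dev-stream rule
    else:
        bits = server.dh_bits
    if client.max_dh_bits is not None and bits > client.max_dh_bits:
        return Outcome(suite, bits, False, f"client rejects {bits}-bit DH group")
    return Outcome(suite, bits, True, f"{bits}-bit DH group accepted")


def summarize(server: ServerPolicy, clients: List[Client]) -> Dict[str, Outcome]:
    return {c.name: negotiate(server, c) for c in clients}


# Constructed clients.  The Java 6/7 offer follows the message's claim that
# 0x0033 is its only DHE suite; the 1024-bit ceiling models its DH limit.
JAVA7 = Client("java6/7", [DHE_RSA_AES128_SHA, RSA_AES128_SHA, RSA_3DES_SHA], max_dh_bits=1024)
MODERN = Client("modern", [ECDHE_RSA_AES256_GCM, ECDHE_RSA_AES128_GCM, DHE_RSA_AES256_GCM,
                           DHE_RSA_AES128_SHA, RSA_AES128_SHA])
DHE_ONLY = Client("dhe-only-legacy (hypothetical)", [DHE_RSA_AES128_SHA], max_dh_bits=1024)

# Constructed server policies.
RECOMMENDED = ServerPolicy(   # 0x0033 not enabled at all
    [ECDHE_RSA_AES256_GCM, ECDHE_RSA_AES128_GCM, DHE_RSA_AES256_GCM, RSA_AES128_SHA, RSA_3DES_SHA],
    dh_bits=2048)
NAIVE_STRONG = ServerPolicy(  # 0x0033 enabled above 0x002F, strong group for everyone
    [ECDHE_RSA_AES256_GCM, ECDHE_RSA_AES128_GCM, DHE_RSA_AES256_GCM, DHE_RSA_AES128_SHA,
     RSA_AES128_SHA, RSA_3DES_SHA],
    dh_bits=2048)
DEV_STREAM = ServerPolicy(    # 0x0033 last of the AES suites and pinned to 1024 bits
    [ECDHE_RSA_AES256_GCM, ECDHE_RSA_AES128_GCM, DHE_RSA_AES256_GCM, RSA_AES128_SHA,
     DHE_RSA_AES128_SHA, RSA_3DES_SHA],
    dh_bits=2048, pin_0x0033_to_1024=True)


if __name__ == "__main__":
    for label, policy in (("recommended", RECOMMENDED), ("naive-strong", NAIVE_STRONG),
                          ("dev-stream", DEV_STREAM)):
        for name, out in summarize(policy, [JAVA7, MODERN, DHE_ONLY]).items():
            suite = f"0x{out.suite:04X}" if out.suite is not None else "none"
            print(f"{label:13} {name:32} {suite}  ok={out.ok}  {out.reason}")
```

Running the script prints one line per policy/client pair. With the recommended configuration the Java 6/7 client lands on 0x002F and the modern client on 0xC030; with 0x0033 enabled above 0x002F and a 2048-bit group, the Java client selects 0x0033 and fails on the group, which is the failure mode the message is describing. The dev-stream ordering keeps the Java client on 0x002F while the hypothetical DHE-only client still completes a handshake on a 1024-bit group.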