Re: [TLS] Fwd: New Version Notification for draft-moriarty-tls-oldversions-diediedie-00.txt

Andrei Popov <Andrei.Popov@microsoft.com> Mon, 09 July 2018 18:00 UTC

Return-Path: <Andrei.Popov@microsoft.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B1CC130E5C for <tls@ietfa.amsl.com>; Mon, 9 Jul 2018 11:00:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.101
X-Spam-Level: *
X-Spam-Status: No, score=1.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URI_HEX=1.122] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CAebIZ4m1G-P for <tls@ietfa.amsl.com>; Mon, 9 Jul 2018 11:00:18 -0700 (PDT)
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-bl2nam02on0091.outbound.protection.outlook.com [104.47.38.91]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C56612F1AC for <tls@ietf.org>; Mon, 9 Jul 2018 11:00:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DD++c7xVoMJrSyHZSa1yuN8hu+ZRjDiCOEMmRm3pH6Y=; b=neaoCorm9vYhF8dp5W4eI6AFPl/OFR4EgYC5wF3S5tWJNDseerlURA1StmXRcFvCKiKHMiOROYs+YIg3Fp5CcWZglt9UD8DKwo7Ui6lbmE7LCxGnW3oIHZoeyW/OwN4FRI2Bcddq9jCG0SNbWDYBVMMNatLyBKr4vnGNseHSv84=
Received: from CY4PR21MB0774.namprd21.prod.outlook.com (10.173.192.20) by CY4PR21MB0279.namprd21.prod.outlook.com (10.173.193.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.952.4; Mon, 9 Jul 2018 18:00:16 +0000
Received: from CY4PR21MB0774.namprd21.prod.outlook.com ([fe80::9d01:113b:290a:750b]) by CY4PR21MB0774.namprd21.prod.outlook.com ([fe80::9d01:113b:290a:750b%3]) with mapi id 15.20.0952.013; Mon, 9 Jul 2018 18:00:16 +0000
From: Andrei Popov <Andrei.Popov@microsoft.com>
To: Eric Rescorla <ekr@rtfm.com>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
CC: "<tls@ietf.org>" <tls@ietf.org>
Thread-Topic: [TLS] Fwd: New Version Notification for draft-moriarty-tls-oldversions-diediedie-00.txt
Thread-Index: AQHUF6PJpStkJhSBckq3e+cc3FSKFaSHG8mAgAAAxoCAAAqYYA==
Date: Mon, 9 Jul 2018 18:00:16 +0000
Message-ID: <CY4PR21MB0774BE80A4424D41D0C8C4138C440@CY4PR21MB0774.namprd21.prod.outlook.com>
References: <152934875755.3094.4484881874912460528.idtracker@ietfa.amsl.com> <CAHbuEH5J-F2cKag02Vx416jsy1N6XZOju28H99WAt71Pc5optg@mail.gmail.com> <CABcZeBN4RPt_=zu-PTPeaYbQ4KxC8DAf=a7359pZDjYavpxecw@mail.gmail.com> <CABcZeBMzweULuOfxe_Dp7n6M7Lt77_1Qq92=KzfmuBeShUSCDQ@mail.gmail.com>
In-Reply-To: <CABcZeBMzweULuOfxe_Dp7n6M7Lt77_1Qq92=KzfmuBeShUSCDQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [2001:4898:80e8:3:28ba:a023:971b:e42c]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; CY4PR21MB0279; 7:oPQxsoiY64KiHseq7LDTKTVRjeiUXvrbwo+YboYWzT46JOpXWjS2HwxDQhXQ8xjfd1vM5fgXcGo2V3l50ZndZwMbTWP52AurXXqJySMWY6YbwNEU5VQxq/PaeiSqaPg2AaiBQD6iiEOnRGc8pDuJunMDsilBGqYM25gjNTghOCegojiiVEbAXGnHsZIc8PtLAgq06gGX7lwB4q3vr8kQTFri4tpBEE7MtxQsK/RxlJS4tYIBgu3RXbo3IoK7zD4y
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: f4192fc6-00a1-424d-03ac-08d5e5c5d374
x-microsoft-antispam: UriScan:(32856632585715); BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989117)(4534165)(4627221)(201703031133081)(201702281549075)(8990107)(48565401081)(5600053)(711020)(2017052603328)(7193020); SRVR:CY4PR21MB0279;
x-ms-traffictypediagnostic: CY4PR21MB0279:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Andrei.Popov@microsoft.com;
x-microsoft-antispam-prvs: <CY4PR21MB0279D497C1A4C92459AEC2798C440@CY4PR21MB0279.namprd21.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(32856632585715)(158342451672863)(278428928389397)(120809045254105)(166708455590820)(192374486261705)(189930954265078)(85827821059158)(219752817060721);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3002001)(3231311)(944501410)(52105095)(2018427008)(10201501046)(93006095)(93001095)(6055026)(149027)(150027)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123564045)(20161123562045)(20161123558120)(6072148)(201708071742011)(7699016); SRVR:CY4PR21MB0279; BCL:0; PCL:0; RULEID:; SRVR:CY4PR21MB0279;
x-forefront-prvs: 07283408BE
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(376002)(346002)(396003)(136003)(39860400002)(22974007)(51874003)(189003)(199004)(7696005)(6436002)(33656002)(97736004)(5660300001)(10090500001)(7110500001)(476003)(46003)(446003)(186003)(486006)(53936002)(2900100001)(11346002)(14971765001)(229853002)(8990500004)(110136005)(86612001)(22452003)(256004)(2906002)(14444005)(76176011)(99286004)(316002)(102836004)(6506007)(53546011)(86362001)(478600001)(7736002)(19609705001)(81166006)(81156014)(10710500007)(106356001)(105586002)(54896002)(5250100002)(6306002)(9686003)(39060400002)(236005)(14454004)(10290500003)(72206003)(55016002)(966005)(25786009)(4326008)(6116002)(790700001)(68736007)(8936002)(74316002)(6246003)(606006)(8676002)(2420400007)(15650500001)(93886005); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0279; H:CY4PR21MB0774.namprd21.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: pQG/n3Z2l4TCu05SkuWX3kkMvAKeBoPxa12CdMvUCa+9vUjaOaeQqnJ5CGXG69LFMsbOEl6fdgNoRvwQ/CTW1qjHRr4Cmv7DSxLODf1P4luA8/V120Ppj3Vfj0lQWag5QtkgRlHVzPW3qQcJn8kJfKt7RgHwn4Ep3bvTz/VTjfPnRpCeYKGDrIub0cfLPLzDx/ZzlkHTApLJ9w4w3u3jqw5GhnCbg3ZZ11vTwqUR1AsSB+w6KgYpbkpsCxs+AM7ZO4EhQvRBgUCotPZkPjlh9ONd77jB5RIsLDGorlJislZrxCg/VHd8TYyYujijuNVSd9ZW5i+2D2eDrs8mZrFwe7+L4lPG6e8IpnH/jt52Q18=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_CY4PR21MB0774BE80A4424D41D0C8C4138C440CY4PR21MB0774namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f4192fc6-00a1-424d-03ac-08d5e5c5d374
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Jul 2018 18:00:16.0555 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0279
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/htKerlmtBzA9CAM1Tpc4ZLl1jcc>
Subject: Re: [TLS] Fwd: New Version Notification for draft-moriarty-tls-oldversions-diediedie-00.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Jul 2018 18:00:23 -0000

On the recent Windows versions, TLS 1.0 is negotiated more than 10% of the time on the client side (this includes non-browser connections from all sorts of apps, some hard-coding TLS versions), and TLS 1.1 accounts for ~0.3% of client connections.
Windows server negotiates TLS 1.0 ~1.5% of the time (all server apps, not just IIS), and the use of TLS 1.1 is negligible.

Therefore, we cannot disable TLS 1.0 by default in Windows just yet, but will keep looking at the telemetry. If PCI/NIST/diediedie RFC make a difference, I’ll be happy to reduce the set of enabled-by-default TLS versions.

Cheers,

Andrei

From: TLS <tls-bounces@ietf.org> On Behalf Of Eric Rescorla
Sent: Monday, July 9, 2018 9:57 AM
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Cc: <tls@ietf.org> <tls@ietf.org>
Subject: Re: [TLS] Fwd: New Version Notification for draft-moriarty-tls-oldversions-diediedie-00.txt



On Mon, Jul 9, 2018 at 9:54 AM, Eric Rescorla <ekr@rtfm.com<mailto:ekr@rtfm.com>> wrote:
Thanks for writing this.

I would be in favor of deprecating old versions of TLS prior to 1.2. Firefox Telemetry shows that about 1% of our connections are TLS 1.1

This should be 1.0.


(on the same data set, TLS 1.3 is > 5%), and TLS 1.1 is negligible.

This is probably a higher number than we'd be comfortable turning off immediately, but it is probably worth starting the process.

-Ekr


On Mon, Jul 9, 2018 at 9:40 AM, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com<mailto:kathleen.moriarty.ietf@gmail.com>> wrote:

Hello,

Stephen and I posted the draft below to see if the TLS working group
is ready to take steps to deprecate TLSv1.0 and TLSv1.1.  There has
been a recent drop off in usage for web applications due to the PCI
Council recommendation to move off TLSv1.0, with a recommendation to
go to TLSv1.2 by June 30th.  NIST has also been recommending TLSv1.2
as a baseline.  Applications other than those using HTTP may not have
had the same reduction in usage.  If you are responsible for services
where you have a reasonable vantage point to gather and share
statistics to assess usage further, that could be helpful for the
discussion.  We've received some feedback that has been incorporated
into the working draft and feelers in general have been positive.  It
would be good to know if there are any show stoppers that have not
been considered.

https://github.com/sftcd/tls-oldversions-diediedie<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fsftcd%2Ftls-oldversions-diediedie&data=02%7C01%7CAndrei.Popov%40microsoft.com%7C30b7cfd6c111409f442b08d5e5bd3777%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636667523215001514&sdata=6JSQZe93nWnAELvOgG3KyIcPopQleMDtNF6v8LWFXWU%3D&reserved=0>

Thanks in advance,
Kathleen


---------- Forwarded message ----------
From:  <internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>>
Date: Mon, Jun 18, 2018 at 3:05 PM
Subject: New Version Notification for
draft-moriarty-tls-oldversions-diediedie-00.txt
To: Stephen Farrell <stephen.farrell@cs.tcd.ie<mailto:stephen.farrell@cs.tcd.ie>>, Kathleen Moriarty
<Kathleen.Moriarty.ietf@gmail.com<mailto:Kathleen.Moriarty.ietf@gmail.com>>



A new version of I-D, draft-moriarty-tls-oldversions-diediedie-00.txt
has been successfully submitted by Stephen Farrell and posted to the
IETF repository.

Name:           draft-moriarty-tls-oldversions-diediedie
Revision:       00
Title:          Deprecating TLSv1.0 and TLSv1.1
Document date:  2018-06-18
Group:          Individual Submission
Pages:          10
URL:
https://www.ietf..org/internet-drafts/draft-moriarty-tls-oldversions-diediedie-00.txt<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Finternet-drafts%2Fdraft-moriarty-tls-oldversions-diediedie-00.txt&data=02%7C01%7CAndrei.Popov%40microsoft.com%7C30b7cfd6c111409f442b08d5e5bd3777%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636667523215011518&sdata=%2BBRGmMbf7r4mXoyWqHmT6kgNjHw7Drh7ldDceG5gqfQ%3D&reserved=0>
Status:
https://datatracker.ietf.org/doc/draft-moriarty-tls-oldversions-diediedie/<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-moriarty-tls-oldversions-diediedie%2F&data=02%7C01%7CAndrei.Popov%40microsoft.com%7C30b7cfd6c111409f442b08d5e5bd3777%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636667523215011518&sdata=Qge2nvcx8fz105Uux1rl1eM2yHiI7zbvxA8Pvps10z8%3D&reserved=0>
Htmlized:
https://tools.ietf.org/html/draft-moriarty-tls-oldversions-diediedie-00<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-moriarty-tls-oldversions-diediedie-00&data=02%7C01%7CAndrei.Popov%40microsoft.com%7C30b7cfd6c111409f442b08d5e5bd3777%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636667523215021535&sdata=Bz6FrvviPoSIxkB83boGxcOxVg2NvrqS3A1bUinNodc%3D&reserved=0>
Htmlized:
https://datatracker.ietf.org/doc/html/draft-moriarty-tls-oldversions-diediedie<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-moriarty-tls-oldversions-diediedie&data=02%7C01%7CAndrei.Popov%40microsoft.com%7C30b7cfd6c111409f442b08d5e5bd3777%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636667523215021535&sdata=M1O48yPTPkd%2Bb3%2FE3z0%2FAniBUMozDwfQzp2Ra5sLRbQ%3D&reserved=0>


Abstract:
   This document [if approved] formally deprecates Transport Layer
   Security (TLS) versions 1.0 [RFC2246] and 1.1 [RFC4346] and moves
   these documents to the historic state.  These versions lack support
   for current and recommended cipher suites, and various government and
   industry profiiles of applications using TLS now mandate avoiding
   these old TLS versions.  TLSv1.2 has been the recommended version for
   IETF protocols since 2008, providing sufficient time to transition
   away from older versions.  Products having to support older versions
   increase the attack surface unnecessarily and increase opportunities
   for misconfigurations.  Supporting these older versions also requires
   additional effort for library and product maintenance.

   This document updates the backward compatibility sections of TLS RFCs
   [[list TBD]] to prohibit fallback to TLSv1.0 and TLSv1.1.  This
   document also updates RFC 7525.




Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Ftools.ietf.org&data=02%7C01%7CAndrei.Popov%40microsoft.com%7C30b7cfd6c111409f442b08d5e5bd3777%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636667523215031539&sdata=ixEPAZe51d1FhvdB9sQ8mzRHY04Blyx%2BIYjlFC%2Fo0dw%3D&reserved=0>amp;reserved=0>.

The IETF Secretariat



--

Best regards,
Kathleen

_______________________________________________
TLS mailing list
TLS@ietf.org<mailto:TLS@ietf.org>
https://www.ietf.org/mailman/listinfo/tls<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Ftls&data=02%7C01%7CAndrei.Popov%40microsoft.com%7C30b7cfd6c111409f442b08d5e5bd3777%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636667523215041552&sdata=GkIXrs3zVeUBaEU2EUL8%2FXJdDdkDUlQ70iKr0rDJQRU%3D&reserved=0>