Re: [TLS] RFC 7919 on Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS)
Peter Gutmann <pgut001@cs.auckland.ac.nz> Sat, 27 August 2016 13:27 UTC
Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4D9BE12D580 for <tls@ietfa.amsl.com>; Sat, 27 Aug 2016 06:27:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.748
X-Spam-Level:
X-Spam-Status: No, score=-4.748 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.548] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=auckland.ac.nz
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mnNKl8fGWoP3 for <tls@ietfa.amsl.com>; Sat, 27 Aug 2016 06:27:24 -0700 (PDT)
Received: from mx4.auckland.ac.nz (mx4.auckland.ac.nz [130.216.125.248]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 53A8E12D579 for <tls@ietf.org>; Sat, 27 Aug 2016 06:27:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=@auckland.ac.nz; q=dns/txt; s=mail; t=1472304444; x=1503840444; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=crNqxH0GaCBvjQZMnEWDjEAATu8H1YM1c0KEcOkyJV0=; b=MYhpb/B+VflRkF3kunuTmUt6dXjNtwTlCQxLPlDBBqHd29ajkr9bW443 5IT5BLxV3+hzK4AENLNxzkI8E2Ff7t2e6PCJXR1WKyltmssvBkOV0lvQn 4ZMc/mfiUOfoeEQSPKaAWSSGWPMtc40tgLHz0QyccY6/rnUdiBwtxMjbg 6rrFqQy59xVr1lIejVNW+YyHaSyNSEdywn5KfD9Hb0jBFfp7DGMVFMOt/ yERjhvD6QLDZ8Rigj5v68q7YUY+MTaLzM+ortDlTk407IlW8tAVOo2GWT v3I6xMo7yZ7NnSeltl6JqE84adWzACxT4g52iDaskhSVg9a6xoYPxLqd4 w==;
X-IronPort-AV: E=Sophos;i="5.28,586,1464609600"; d="scan'208";a="103687333"
X-Ironport-HAT: MAIL-SERVERS - $RELAYED
X-Ironport-Source: 130.216.4.106 - Outgoing - Outgoing
Received: from uxchange10-fe2.uoa.auckland.ac.nz ([130.216.4.106]) by mx4-int.auckland.ac.nz with ESMTP/TLS/AES256-SHA; 28 Aug 2016 01:27:15 +1200
Received: from UXCN10-5.UoA.auckland.ac.nz ([169.254.5.93]) by uxchange10-fe2.UoA.auckland.ac.nz ([130.216.4.106]) with mapi id 14.03.0266.001; Sun, 28 Aug 2016 01:27:15 +1200
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: David Benjamin <davidben@chromium.org>, Geoffrey Keating <geoffk@geoffk.org>
Thread-Topic: [TLS] RFC 7919 on Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS)
Thread-Index: AQHR+kiDZXbZlYKpgUOnaUdD5zLR56BP1VcAgA0Cxf4=
Date: Sat, 27 Aug 2016 13:27:15 +0000
Message-ID: <9A043F3CF02CD34C8E74AC1594475C73F4D04810@uxcn10-5.UoA.auckland.ac.nz>
References: <9A043F3CF02CD34C8E74AC1594475C73F4CF009C@uxcn10-5.UoA.auckland.ac.nz> <20160816145548.GQ4670@mournblade.imrryr.org> <9A043F3CF02CD34C8E74AC1594475C73F4CF1AC9@uxcn10-5.UoA.auckland.ac.nz> <CADMpkc+vbkWz_TQ2Ch5JfaVRPse4qeXPPitsBV=d2yDtSx4eLA@mail.gmail.com> <9A043F3CF02CD34C8E74AC1594475C73F4CF416C@uxcn10-5.UoA.auckland.ac.nz> <m260qwppxa.fsf@localhost.localdomain>, <CAF8qwaB-p1X6vcKZ7=GfPe_hWxOB+g4T2mKaugpbYAKNJngJ7g@mail.gmail.com>
In-Reply-To: <CAF8qwaB-p1X6vcKZ7=GfPe_hWxOB+g4T2mKaugpbYAKNJngJ7g@mail.gmail.com>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.6.2.4]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/2LXIkGT6BkoWG1dNMmLQQUdhJE0>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] RFC 7919 on Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Aug 2016 13:27:26 -0000
David Benjamin <davidben@chromium.org> writes: >TLS 1.3 will resolve this with the new cipher suite negotiation, but I agree >this makes the specification basically undeployable with TLS 1.2. This issue >also got brought up here: >https://www.ietf.org/mail-archive/web/tls/current/msg18697.html Hmm, good point. So reading between the lines of the various comments on this issue, the feeling seems to be "ignore this RFC". That more or less answers my question, I'll leave it out of TLS-LTS apart from mentioning it as another source of DH groups. >Barring unforeseen problems, Chrome will also lose DH in the next release. Which will be yet another headache for people working with SCADA devices, who are seeing themselves locked out more and more from being able to admin their systems when browser vendors arbitrarily decide to deprecate long-established mechanisms. I know of operators who are running IE 6 in XP VMs because that's the only thing that'll still talk to some devices they use (OK, old versions of FF and Chrome will do it too if you can find them, but then they always want to update themselves to less old versions that stop working again). Couldn't Chrome include an optional legacy mode that just works with existing systems, perhaps triggered by access to a device at an RFC 1918 address? There really is, in some cases, nothing available any more that will talk to entire families of SCADA devices because browsers assume the only thing that matters is the public WWW and won't accommodate anything that isn't. (At some point someone's going to figure out they can make a lot of money by taking Firefox 3.0, rebranding it, and selling it as an embedded device management solution, because it'll talk to all the things that current browsers won't any more). Peter.
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… David Benjamin
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Geoffrey Keating
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Watson Ladd
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Ilari Liusvaara
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Peter Gutmann
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Ilari Liusvaara
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Peter Gutmann
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Geoffrey Keating
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Bodo Moeller
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Peter Gutmann
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Watson Ladd
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Benjamin Kaduk
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Viktor Dukhovni
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Peter Gutmann
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Peter Gutmann
- [TLS] RFC 7919 on Negotiated Finite Field Diffie-… rfc-editor
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Peter Gutmann
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Ryan Hamilton
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Ilari Liusvaara
- Re: [TLS] RFC 7919 on Negotiated Finite Field Dif… Peter Gutmann