Re: [TLS] [Last-Call] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

Ted Lemon <mellon@fugue.com> Wed, 02 December 2020 17:14 UTC

From: Ted Lemon <mellon@fugue.com>
Date: Wed, 02 Dec 2020 12:14:47 -0500
Cc: Peter Gutmann <pgut001@cs.auckland.ac.nz>, Keith Moore <moore@network-heretics.com>, Eliot Lear <lear@cisco.com>, last-call@ietf.org, tls@ietf.org, draft-ietf-tls-oldversions-deprecate@ietf.org, tls-chairs@ietf.org
To: Bill Frantz <frantz@pwpconsult.com>

On Dec 2, 2020, at 11:22 AM, Bill Frantz <frantz@pwpconsult.com> wrote:
> One I think I can address are heart pacemakers. These are embedded in the patients' chests. Upgrading them requires surgery. However, they have a limited lifespan due to their batteries running down, I think we're talking about 10 years or so, so there is a time where upgrade is practical.

This is a perfect example of reductio ad absurdum. Not that it’s a wrong example—for this use case, I think continued use of TLS 1.0 might be a requirement, if in fact there are pacemakers that use it. However, this is a situation where a subject matter expert skilled in the art should be designing a specific approach to the problem. It is not a case where no action should be taken—quite the opposite. It is quite likely that in this situation, operational practices could be undertaken that would limit the attack surface significantly.

The point is that you can’t argue with physics. If lives depend on winning that argument, you need to stop arguing and find a different approach to protecting those lives. If people’s personal privacy or financial privacy depends on them, perhaps this is a slightly less serious situation, but it’s still quite important. An enterprise that fails to plan for addressing these problems should be held liable for the damage that results from that failure.