Re: [TLS] ops review of draft-ietf-tls-sslv3-diediedie

"Fred Baker (fred)" <fred@cisco.com> Sun, 22 March 2015 13:01 UTC

From: "Fred Baker (fred)" <fred@cisco.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Sun, 22 Mar 2015 13:01:53 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/3J5RY_i5jzl8oh8GAD8R3FaE3Co>
Cc: "ops-dir@ietf.org" <ops-dir@ietf.org>, "draft-ietf-tls-sslv3-diediedie.all@tools.ietf.org" <draft-ietf-tls-sslv3-diediedie.all@tools.ietf.org>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] ops review of draft-ietf-tls-sslv3-diediedie

> On Mar 22, 2015, at 7:43 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> 
> 
> Thanks Fred for the thoughtful review.
> 
> I think one thing is worth double-checking. You said:
> 
> On 22/03/15 06:29, Fred Baker (fred) wrote:
>> One implication that the document doesn’t bring out directly, but
>> which follows from the discussion of the attacks, is that any key or
>> certificate that has been exchanged using SSL may have been
>> compromised via a man-in-the-middle attack, and is therefore suspect.
>> Such certificates and keys should be replaced
> 
> I don't think that is the case, as SSL's imperfections, bad as they
> are, don't expose long-term (private) keying material. But it is
> worth checking. Short-term keys will naturally be replaced without
> any operator action in any SSL->TLS transition I think. And any
> trust anchors that were accepted via self-signed certificates will
> be as good or bad as ever and are probably best left alone if one
> isn't changing s/w but just a config.
> 
> So I don't see an operator action here that we ought document in
> this draft. But if there were things operators ought do, that are
> not purely implementation specific issues, then I think those'd be
> worth noting in the document, so this is just to check that. If
> someone knows of such, please send text and the WG can process
> that.
> 
> As the relevant AD, I'll interpret silence here as "no change
> needed."
> 
> Cheers,
> S.

You may well be correct. I also noted, after having sent the email, that it is fairly probable that a different crypto algorithm might be selected as a result of the transition, which would entail obtaining relevant keys and certificates anyway.

As you say, food for thought.