Re: [TLS] [Iot-directorate] [Last-Call] Iotdir last call review of draft-ietf-tls-md5-sha1-deprecate-04

Daniel Migault <> Fri, 30 July 2021 16:26 UTC



Just to sum up, my initial comment proposed to mention as being removed
the texts mentioned below. Since Sean mentioned that removing a text
with MUST can be problematic, for the first text we can also just explain
that in the context of this draft, the first text ends up being some dead
code. I would be interested to understand - and only for my personal
understanding - why removing a text with MUST is harder than a text with

My understanding is that the current proposal is to remove the second text,
and that the case of the first text has not been concluded - of course
unless I am missing something. As a result, I hope we can converge
for the two texts and I am fine with the first text being mentioned as removed
or ending as dead code.

If the client does not send the signature_algorithms extension, the
server MUST do the following:
-  If the negotiated key exchange algorithm is one of (RSA, DHE_RSA,
   DH_RSA, RSA_PSK, ECDH_RSA, ECDHE_RSA), behave as if client had
   sent the value {sha1,rsa}.

-  If the negotiated key exchange algorithm is one of (DHE_DSS,
   DH_DSS), behave as if the client had sent the value {sha1,dsa}.

-  If the negotiated key exchange algorithm is one of (ECDH_ECDSA,
   ECDHE_ECDSA), behave as if the client had sent value {sha1,ecdsa}.

If the client supports only the default hash and signature algorithms
(listed in this section), it MAY omit the signature_algorithms
extension.


On Fri, Jul 30, 2021 at 5:10 AM Hannes Tschofenig <> wrote:

> I have no problem with the suggestion.
> A few other observations:
> 1. FWIW: The reference to [Wang] is incomplete.
> 2. The references to the other papers use the websites of the authors or
> project websites. I would use more stable references.
> 3. Kathleen's affiliation is also outdated.
> 4. Is the update to RFC 7525 relevant given that there is an update of RFC
> 7525 in progress (see
> and
> even near completion?
> 5. The title of the draft gives the impression that this update only
> refers to TLS 1.2 but later in the draft DTLS is also included via the
> reference to RFC 7525. Should the title be changed to "Deprecating MD5 and
> SHA-1 signature hashes in TLS/DTLS 1.2"?
> Ciao
> Hannes
> -----Original Message-----
> From: Iot-directorate <> On Behalf Of
> Russ Housley
> Sent: Wednesday, July 28, 2021 10:34 PM
> To: Sean Turner <>; IETF TLS <>
> Cc:;
> Subject: Re: [Iot-directorate] [TLS] [Last-Call] Iotdir last call review
> of draft-ietf-tls-md5-sha1-deprecate-04
> >   In Section the following text is removed:
>      If the client supports only the default hash and signature algorithms
>      (listed in this section), it MAY omit the signature_algorithms
>      extension.
> >   Since it’s a MAY, I am a-okay with deleting. Anybody else see harm?
> I don't see any harm.
> Russ

Daniel Migault
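An added example, not code from the thread or from the draft, that models the RFC 5246 server fallback quoted in the message above and checks that, once MD5 and SHA-1 signature hashes are deprecated, the fallback branch can never produce an acceptable pair, which is the "dead code" argument made there. The table, function names and the policy switch are assumptions of this example.

```python
# Added example (not code from the thread or the draft): a model of the RFC 5246
# section 7.4.1.4.1 server fallback quoted above, showing why it becomes dead
# code once MD5/SHA-1 signature hashes are deprecated.  Names are assumed here.
from typing import List, Optional, Tuple

SigAlg = Tuple[str, str]  # (hash, signature), e.g. ("sha256", "rsa")

# Defaults RFC 5246 tells the server to assume when the client omits the
# signature_algorithms extension, keyed by the negotiated key exchange.
RFC5246_DEFAULTS = {
    "RSA": ("sha1", "rsa"), "DHE_RSA": ("sha1", "rsa"), "DH_RSA": ("sha1", "rsa"),
    "RSA_PSK": ("sha1", "rsa"), "ECDH_RSA": ("sha1", "rsa"), "ECDHE_RSA": ("sha1", "rsa"),
    "DHE_DSS": ("sha1", "dsa"), "DH_DSS": ("sha1", "dsa"),
    "ECDH_ECDSA": ("sha1", "ecdsa"), "ECDHE_ECDSA": ("sha1", "ecdsa"),
}
# Signature hashes the deprecation draft removes from TLS 1.2 handshakes.
DEPRECATED_HASHES = frozenset({"md5", "sha1"})


def rfc5246_fallback(key_exchange: str) -> SigAlg:
    """The 'behave as if the client had sent {sha1, ...}' rule from RFC 5246."""
    return RFC5246_DEFAULTS[key_exchange]


def select_signature_algorithm(key_exchange: str,
                               client_sig_algs: Optional[List[SigAlg]],
                               deprecate_md5_sha1: bool = True) -> Optional[SigAlg]:
    """Pick the (hash, signature) pair the server signs its handshake with.

    client_sig_algs is None when the extension was omitted.  Returns None when
    no acceptable pair exists, i.e. the handshake has to fail.
    """
    sig_type = RFC5246_DEFAULTS[key_exchange][1]  # signature type implied by key exchange
    if client_sig_algs is None:
        candidates = [rfc5246_fallback(key_exchange)]  # the RFC 5246 fallback branch
    else:
        candidates = list(client_sig_algs)
    for hash_name, sig_name in candidates:
        if sig_name != sig_type:
            continue
        if deprecate_md5_sha1 and hash_name in DEPRECATED_HASHES:
            continue  # forbidden once the draft applies
        return (hash_name, sig_name)
    return None


def fallback_is_dead_code() -> bool:
    """True if, with MD5/SHA-1 deprecated, omitting the extension never succeeds."""
    return all(select_signature_algorithm(kx, None) is None for kx in RFC5246_DEFAULTS)
```

With `deprecate_md5_sha1=False` the fallback still yields the RFC 5246 {sha1, ...} pair; with the deprecation in force every key exchange's fallback is rejected, so that branch can never be taken to a successful handshake.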