Re: [TLS] RC4 deprecation path (Re: Deprecating more (DSA?))
Michael D'Errico <mike-list@pobox.com> Sat, 19 April 2014 17:32 UTC
Return-Path: <mike-list@pobox.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DFCBD1A004C for <tls@ietfa.amsl.com>; Sat, 19 Apr 2014 10:32:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.273
X-Spam-Level:
X-Spam-Status: No, score=-2.273 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.272, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EWr1gaUZk2s2 for <tls@ietfa.amsl.com>; Sat, 19 Apr 2014 10:32:33 -0700 (PDT)
Received: from sasl.smtp.pobox.com (a-pb-sasl-quonix.pobox.com [208.72.237.25]) by ietfa.amsl.com (Postfix) with ESMTP id EFFCC1A0041 for <tls@ietf.org>; Sat, 19 Apr 2014 10:32:31 -0700 (PDT)
Received: from sasl.smtp.pobox.com (unknown [127.0.0.1]) by a-pb-sasl-quonix.pobox.com (Postfix) with ESMTP id 4826D10CFC for <tls@ietf.org>; Sat, 19 Apr 2014 13:32:27 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=message-id :date:from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; s=sasl; bh=0FELS/+RCKc3 3m8bYlCM3UkcknI=; b=x7PgsirgUvERCROQ/M/ifPU5tz0j9S/ghPbcvLHQJHNJ 5Pt0uxwbyM0RkhuINU0qVn1FBGCiNm5hhwYk73qpP5668+Jm2UkMEPY3M/cMv1Wt 6tBytoZp0//pN1M6RqqA891KIYj0pbVxOGUbp7ieSf8nL9brDId22DdV385nijY=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=message-id:date :from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; q=dns; s=sasl; b=SeAg9x pBMtvIPqy6MZ9iS5iyo3yakCINZYWnKncJgLvEy+uP8EbIIVAHTMx5x/fkfNJW60 La0LUFEM0I8ytyW1xamzqc/nvnsyQTMbkYQnIJ2WEH6Cn5gcjjcPqTsdzaP9DU7s lao4nkuB1XZVnut4Dp9K49kvtosJBSRwI+jMA=
Received: from a-pb-sasl-quonix.pobox.com (unknown [127.0.0.1]) by a-pb-sasl-quonix.pobox.com (Postfix) with ESMTP id 3F6CD10CFB for <tls@ietf.org>; Sat, 19 Apr 2014 13:32:27 -0400 (EDT)
Received: from iMac.local (unknown [24.234.153.62]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by a-pb-sasl-quonix.pobox.com (Postfix) with ESMTPSA id D70E010CFA for <tls@ietf.org>; Sat, 19 Apr 2014 13:32:25 -0400 (EDT)
Message-ID: <5352B328.1080006@pobox.com>
Date: Sat, 19 Apr 2014 10:32:24 -0700
From: Michael D'Errico <mike-list@pobox.com>
User-Agent: Thunderbird 2.0.0.24 (Macintosh/20100228)
MIME-Version: 1.0
To: "tls@ietf.org" <tls@ietf.org>
References: <CACsn0cnZFScA1WnitpHH--6_Kd0spfLQvmvniyCSnUmvr8xVhg@mail.gmail.com> <20140419131019.GA29561@roeckx.be>
In-Reply-To: <20140419131019.GA29561@roeckx.be>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Pobox-Relay-ID: 92C1BE52-C7E8-11E3-BEFD-6F330E5B5709-38729857!a-pb-sasl-quonix.pobox.com
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/6b4w1GMy7PwtYJKPFEsnqQf8m4Q
Subject: Re: [TLS] RC4 deprecation path (Re: Deprecating more (DSA?))
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 19 Apr 2014 17:32:36 -0000
Kurt Roeckx wrote: > > - Clients should not announce support for RC4 in their initial > connection attempt, and only fall back to support it when the > server says that there are no common ciphers. (I'm not sure > if a MITM can fake that response or not.) Continue the handshake all the way through to the Finished messages to determine if a MITM has tampered with it. This will only not work if the server is of the type that chooses RC4 no matter where it is in the client's cipher suite list. Here's the message flow I'm thinking about: ClientHello (w/o RC4) -----> <----- Alert (handshake_failure) close and reconnect: ClientHello (with RC4) -----> <----- ServerHello (RC4 chosen) ..... continues Place the RC4 suites at the end of the list so that the server will not choose them if it respects the client's preference. Mike
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Bill Frantz
- [TLS] RC4 depreciation path (Re: Deprecating more… Watson Ladd
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Kurt Roeckx
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Ilari Liusvaara
- Re: [TLS] RC4 deprecation path (Re: Deprecating m… Michael D'Errico
- Re: [TLS] RC4 deprecation path (Re: Deprecating m… Kurt Roeckx
- Re: [TLS] RC4 deprecation path (Re: Deprecating m… Yoav Nir
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Fabrice
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Yoav Nir
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Kurt Roeckx
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Watson Ladd
- [TLS] RC4 Considered Harmful (Was: RC4 deprecatio… Alyssa Rowan
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Yoav Nir
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Yoav Nir
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Watson Ladd
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Alyssa Rowan
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Jacob Appelbaum
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… David Holmes
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Martin Rex
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Watson Ladd
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Alyssa Rowan
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Martin Rex
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Martin Rex
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Watson Ladd
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Paterson, Kenny
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Paterson, Kenny
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Salz, Rich
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Paterson, Kenny
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Yoav Nir
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Geoffrey Keating
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Martin Rex
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Paterson, Kenny
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Marsh Ray
- Re: [TLS] RC4 Considered Harmful (Was: RC4 deprec… Martin Rex
- Re: [TLS] RC4 depreciation path (Re: Deprecating … Kurt Roeckx