Re: [TLS] Fixing TLS

mrex@sap.com (Martin Rex) Wed, 13 January 2016 13:48 UTC

In-Reply-To: <94395a3c029c493eb491eb3db90e3ed1@usma1ex-dag1mb1.msg.corp.akamai.com>
To: "Salz, Rich" <rsalz@akamai.com>
Date: Wed, 13 Jan 2016 14:48:36 +0100
Message-Id: <20160113134836.D12071A3E8@ld9781.wdf.sap.corp>
From: mrex@sap.com
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/8ZIwn1utS3zP0s_VLy7S2HENMVg>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Fixing TLS
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>

Salz, Rich wrote:
> 
>> TLS needs an LTS version that you can just push out and leave to its own
>> devices
> 
> So don't you have that with TLS 1.1 and appropriate cipher and option choices?

Actually, you already have that with TLSv1.0 plus the known mitigations.

The only cryptographical improvement of TLSv1.1 over TLSv1.0 can be
sufficiently achieved with 1+(n-1) record splitting -- for those few
situations where this difference is meaningful at all.

Only web-browsers that will happily execute any attacker supplied
active-content plus the abuse of SSL known as SSL-VPNs need the
record-splitting mitigation for block-ciphers in TLSv1.0.

-Martin
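
The 1+(n-1) record splitting mentioned in the message above, as an added example that is not part of the original message or of any TLS library: it shows only how one application write is fragmented into TLSv1.0 records before protection. The function names are hypothetical, the MAC and CBC encryption steps are omitted, and splitting only the first record of each write is an assumption.

```python
import struct

APPLICATION_DATA = 0x17   # TLS ContentType: application_data
TLS_1_0 = 0x0301          # ProtocolVersion on the wire for TLSv1.0
MAX_FRAGMENT = 2 ** 14    # largest TLSPlaintext fragment allowed

def split_1_n_minus_1(data: bytes) -> list[bytes]:
    """Fragment one application write as 1 byte, then the remaining n-1 bytes.

    In TLSv1.0 the CBC IV of a record is the last ciphertext block of the
    previous record, so it is visible before the next write. The 1-byte
    record is encrypted under that known IV, but the rest of the write is
    chained from the 1-byte record's own ciphertext, which nobody could
    know when the plaintext was chosen.
    """
    if len(data) <= 1:
        # Nothing to split: an empty write sends no record, a 1-byte write
        # is already the "1" of 1+(n-1).
        return [data] if data else []
    fragments = [data[:1]]
    rest = data[1:]
    # The n-1 part must still respect the maximum fragment length.
    for off in range(0, len(rest), MAX_FRAGMENT):
        fragments.append(rest[off:off + MAX_FRAGMENT])
    return fragments

def frame(fragment: bytes) -> bytes:
    """Prefix a fragment with the 5-byte record header (type, version, length)."""
    header = struct.pack("!BHH", APPLICATION_DATA, TLS_1_0, len(fragment))
    return header + fragment

def records_for_write(data: bytes) -> list[bytes]:
    """Records that one write produces; each would then be MACed and encrypted."""
    return [frame(f) for f in split_1_n_minus_1(data)]

if __name__ == "__main__":
    # Constructed sample input.
    for rec in records_for_write(b"GET / HTTP/1.1\r\n"):
        print(rec[:5].hex(), len(rec) - 5, "payload bytes")
```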