Re: [TLS] Prohibiting SSL 3.0

Martin Thomson <martin.thomson@gmail.com> Tue, 28 October 2014 02:43 UTC

From: Martin Thomson <martin.thomson@gmail.com>
To: Yuhong Bao <yuhongbao_386@hotmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/94z0lAdpkHWgR8jIlH2X1XGmHlM
Cc: "tls@ietf.org" <tls@ietf.org>

On 27 October 2014 19:05, Yuhong Bao <yuhongbao_386@hotmail.com> wrote:
> I hope that an Internet-Draft prohibiting SSL 3.0 will be next. Maybe make an exception for things like browser download sites (it is easy to enable TLS 1.0 in IE6 but for these kinds of sites it is probably not worth the effort).


It didn't meet the deadline, but Richard and I put something together.

https://unicorn-wg.github.io/sslv3-diediedie/

But then we learned that there might be another draft.  That other
draft is probably better.  Not sure if this one is worth doing or not.