Re: [TLS] Prohibiting SSL 3.0
Martin Thomson <martin.thomson@gmail.com> Tue, 28 October 2014 02:43 UTC
Return-Path: <martin.thomson@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 53D011A1B74 for <tls@ietfa.amsl.com>; Mon, 27 Oct 2014 19:43:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o6vdDpLmhxHA for <tls@ietfa.amsl.com>; Mon, 27 Oct 2014 19:43:14 -0700 (PDT)
Received: from mail-la0-x231.google.com (mail-la0-x231.google.com [IPv6:2a00:1450:4010:c03::231]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 781651A1B60 for <tls@ietf.org>; Mon, 27 Oct 2014 19:43:14 -0700 (PDT)
Received: by mail-la0-f49.google.com with SMTP id ge10so1692286lab.8 for <tls@ietf.org>; Mon, 27 Oct 2014 19:43:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=KeyZz7FbhV8hS5NPD39fq3J94v+Rk31b5pBC8m7TxoQ=; b=g1im7MVsf4X3VAgH4G93BrrkHJYn4ZwaRCsekY3mNxz2U5yTt6kLbi7d/OL4qqPsOs uKtpEvO9/ITTaxa1llKCZkh+v/XDJtGmxiSzukWbMKks/+rmOeg1fa4haBRBUlwwuhGo sf4WP6vnmK61JYmMgpbRlRsDDFqgYgGZpJYQGrrJeE+mGgiF79LptGn6f7rwsFKws0Co Xf/5EgI3Z4yoVgATXaLcAqCK72tJzqdKpFU1Xmv/rk8xVsug6BOQj10rpHtDFV9LUnCc KoCGvUKLhtmdXw2DxAq8j1TtHuCZs7DTXRrp/gr6mKvo1afA/4/ZGS7BkSUB6+TvNLYi QIaQ==
MIME-Version: 1.0
X-Received: by 10.152.116.68 with SMTP id ju4mr390508lab.13.1414464192735; Mon, 27 Oct 2014 19:43:12 -0700 (PDT)
Received: by 10.25.215.217 with HTTP; Mon, 27 Oct 2014 19:43:12 -0700 (PDT)
In-Reply-To: <BLU177-W4981235CC3AA2325B8CC01C39F0@phx.gbl>
References: <BLU177-W4981235CC3AA2325B8CC01C39F0@phx.gbl>
Date: Mon, 27 Oct 2014 19:43:12 -0700
Message-ID: <CABkgnnXyFXPV0zyCA3qYcAYsajt+yaZoFHsdE=G5yCFj74+LNw@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Yuhong Bao <yuhongbao_386@hotmail.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/94z0lAdpkHWgR8jIlH2X1XGmHlM
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Prohibiting SSL 3.0
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Oct 2014 02:43:16 -0000
On 27 October 2014 19:05, Yuhong Bao <yuhongbao_386@hotmail.com> wrote: > I hope that a Internet-Draft prohibiting SSL 3.0 will be next. Maybe make an exception for things like browser download sites (it is easy to enable TLS 1.0 in IE6 but for these kind of sites it is probably not worth the effort). It didn't meet the deadline, but Richard and I put something together. https://unicorn-wg.github.io/sslv3-diediedie/ But then we learned that there might be another draft. That other draft is probably better. Not sure if this one is worth doing or not.
- [TLS] Prohibiting SSL 3.0 Yuhong Bao
- Re: [TLS] Prohibiting SSL 3.0 Martin Thomson
- Re: [TLS] Prohibiting SSL 3.0 Florian Weimer
- Re: [TLS] Prohibiting SSL 3.0 Hubert Kario
- Re: [TLS] Prohibiting SSL 3.0 Peter Gutmann
- Re: [TLS] Prohibiting SSL 3.0 Florian Weimer
- Re: [TLS] Prohibiting SSL 3.0 Ilari Liusvaara
- Re: [TLS] Prohibiting SSL 3.0 Manuel Pégourié-Gonnard
- Re: [TLS] Prohibiting SSL 3.0 Bodo Moeller
- Re: [TLS] Prohibiting SSL 3.0 Eric Rescorla
- Re: [TLS] Prohibiting SSL 3.0 Manuel Pégourié-Gonnard
- Re: [TLS] Prohibiting SSL 3.0 Salz, Rich
- Re: [TLS] Prohibiting SSL 3.0 Hubert Kario
- Re: [TLS] Prohibiting SSL 3.0 Yoav Nir
- Re: [TLS] Prohibiting SSL 3.0 Hubert Kario
- Re: [TLS] Prohibiting SSL 3.0 Yoav Nir
- Re: [TLS] Prohibiting SSL 3.0 Hubert Kario
- Re: [TLS] Prohibiting SSL 3.0 Martin Rex
- Re: [TLS] Prohibiting SSL 3.0 Manuel Pégourié-Gonnard
- Re: [TLS] Prohibiting SSL 3.0 Martin Rex
- Re: [TLS] Prohibiting SSL 3.0 Watson Ladd
- Re: [TLS] Prohibiting SSL 3.0 Martin Rex
- Re: [TLS] Prohibiting SSL 3.0 Geoffrey Keating
- Re: [TLS] Prohibiting SSL 3.0 Watson Ladd
- Re: [TLS] Prohibiting SSL 3.0 Bodo Moeller
- Re: [TLS] Prohibiting SSL 3.0 Watson Ladd
- Re: [TLS] Prohibiting SSL 3.0 Bodo Moeller
- Re: [TLS] Prohibiting SSL 3.0 Watson Ladd
- Re: [TLS] Prohibiting SSL 3.0 Sean Turner
- Re: [TLS] Prohibiting SSL 3.0 Joseph Salowey
- Re: [TLS] Prohibiting SSL 3.0 Yuhong Bao
- Re: [TLS] Prohibiting SSL 3.0 Yoav Nir
- Re: [TLS] Prohibiting SSL 3.0 Dave Garrett
- Re: [TLS] Prohibiting SSL 3.0 Jeffrey Walton
- Re: [TLS] Prohibiting SSL 3.0 Yoav Nir