Re: [TLS] NULL cipher to become a MUST NOT in UTA BCP
Nico Williams <nico@cryptonector.com> Wed, 03 September 2014 20:07 UTC

On Wed, Sep 3, 2014 at 2:49 PM, Ralph Holz <holz@net.in.tum.de> wrote:
> Good day,
>
>>> MUST NOT is correct. Nowhere does RFC2119 say that the term
>>> deployment equals implementation in code.
>>
>> Misunderstanding of the RFC, IMHO.
>
> You will need to give evidence if you want others to follow your argument.

Ralph, Uri is quite right. You really should read RFC2119. Here's the
money quote:

   2. MUST NOT   This phrase, or the phrase "SHALL NOT", mean that the
      definition is an absolute prohibition of the specification.

There is absolutely no hedging there. There is no more evidence to
post, really. What more could you need? "absolute prohibition" is as
clear as it gets.

Nico
--