Re: [TLS] [Cfrg] 3DES diediedie
Ira McDonald <blueroofmusic@gmail.com> Thu, 25 August 2016 13:55 UTC
Return-Path: <blueroofmusic@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2509512D09B for <tls@ietfa.amsl.com>; Thu, 25 Aug 2016 06:55:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.628
X-Spam-Level:
X-Spam-Status: No, score=-0.628 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URI_NO_WWW_INFO_CGI=2.071] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yuwMFY7FwtXy for <tls@ietfa.amsl.com>; Thu, 25 Aug 2016 06:55:31 -0700 (PDT)
Received: from mail-it0-x231.google.com (mail-it0-x231.google.com [IPv6:2607:f8b0:4001:c0b::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5558E12B03C for <tls@ietf.org>; Thu, 25 Aug 2016 06:55:31 -0700 (PDT)
Received: by mail-it0-x231.google.com with SMTP id e63so33142285ith.1 for <tls@ietf.org>; Thu, 25 Aug 2016 06:55:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=gaCB2wQFq10USHfXhqoBjNSw1smvh8hH04eANyvyGU4=; b=fP0vBwitUL4vdJfbtjERP7lJ99Ohc55Q3g/+DusagjtZaLDycKpRXdpBT0SfE6X0Mq SnpYvhJDS9l+B4oHjJjWBzcaaXHVgkIp2d1/FHaiU2JfjvGDvPKIvtIW4kQdnyCRGONb fwCo48cOwjfbL3b5QtyHMRELOMCY0vEzNhxvPibeC9igXRqQZHv/VRNGV+WT1Hy8iCZ5 jHLdRupQYVD/9Tog9s0iA6bZTyEwr7qHAysGTpAgPttDz5SFVpLtEFihXe3CHViBROyx Mmmd1TWTcA0yueuOWiVgOqlnp2TC8MtIJnUs/PzYYn9Wl9IKA7shCqCL0ngIyXjE8rJb xOsQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=gaCB2wQFq10USHfXhqoBjNSw1smvh8hH04eANyvyGU4=; b=cHKfxImXZSeETo7gQ5V0aFElNeiA0nmzEdIYDlqelO1hqKckuU/55aPV91lewUqf9a sDNxBspiVk5jQRUySuDXdAsesk3Gxccs8JEnE+g+xAQuJhb3rzvTNv/YLzl72G+DWJLi mSHksyqaERAr+WktDRzdCg3vAfl/4ublENpiDTSj4q2eHa14lRcvtJ3Zn09JRko62cVC NskStlxrSNAdVkSbdm+TNb6NksLgtINNH9l/eQxulNIDvyFC+mObHZHQkqPZNpFosaPv OMGokHvso34eZijQC7KX4IN3hymTmpk0zAigEtAIHM9uCnmH8YCcdd7FLDrr9krT4IeK Ykxg==
X-Gm-Message-State: AE9vXwMtT5R6BekXOO39SpWAknR4wVE1In60JtAl3t+0aRtGVbqmTTGHgUSo7U8a1tleykdvst4pUVJUbQKkLA==
X-Received: by 10.36.238.134 with SMTP id b128mr5204572iti.72.1472133330708; Thu, 25 Aug 2016 06:55:30 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.107.11.67 with HTTP; Thu, 25 Aug 2016 06:55:10 -0700 (PDT)
In-Reply-To: <CABcZeBOCUnVvHbMC09w=STZ2xfQXm9i77Aq++gavOq4Qp5b+4Q@mail.gmail.com>
References: <CAHOTMV+r5PVxqnSozYyqJqq_YocMKV06aAa-43t+5Huzh7Lo=A@mail.gmail.com> <CAHOTMVKBmDT-okm=ikECrotcEKS5fdn840-gV+5Tnx3eg4JBkQ@mail.gmail.com> <E201DE55-20AF-4581-B502-5112DBA535A5@dukhovni.org> <6377217.GbyXToEj0o@pintsize.usersys.redhat.com> <6933C5DD-9C84-44E0-88D4-6E3D3C9A2C78@gmail.com> <CABcZeBOCUnVvHbMC09w=STZ2xfQXm9i77Aq++gavOq4Qp5b+4Q@mail.gmail.com>
From: Ira McDonald <blueroofmusic@gmail.com>
Date: Thu, 25 Aug 2016 09:55:10 -0400
Message-ID: <CAN40gSu3bvYhEeQ+B8AvfDpyWFt_QA4M2-wgGBZkFAzAWPLOZA@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>, Ira McDonald <blueroofmusic@gmail.com>
Content-Type: multipart/alternative; boundary="f403045c0e563d2fc7053ae5c069"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/D1TItrn9MjWnrTQavjV5vK-CW5k>
Cc: david wong <davidwong.crypto@gmail.com>, "cfrg@irtf.org" <cfrg@irtf.org>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] [Cfrg] 3DES diediedie
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Aug 2016 13:55:33 -0000
Hi, This survey of TLS in 1 million web servers shows that 93% support 3DES - oof! https://jve.linuxwall.info/blog/index.php?post/TLS_Survey 3DES hasn't quite disappeared on the Internet. Cheers, - Ira Ira McDonald (Musician / Software Architect) Co-Chair - TCG Trusted Mobility Solutions WG Chair - Linux Foundation Open Printing WG Secretary - IEEE-ISTO Printer Working Group Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG IETF Designated Expert - IPP & Printer MIB Blue Roof Music / High North Inc http://sites.google.com/site/blueroofmusic http://sites.google.com/site/highnorthinc mailto: blueroofmusic@gmail.com Jan-April: 579 Park Place Saline, MI 48176 734-944-0094 May-Dec: PO Box 221 Grand Marais, MI 49839 906-494-2434 On Thu, Aug 25, 2016 at 9:33 AM, Eric Rescorla <ekr@rtfm.com> wrote: > > > On Thu, Aug 25, 2016 at 6:21 AM, david wong <davidwong.crypto@gmail.com> > wrote: > >> I don't think a RFC deprecating them is a good idea: >> >> * TLS 1.3 is almost here and is already doing that >> * what browser still use 64-bit ciphers? Who lets his "old" browser open >> for 75 hours? >> > > Actually, I believe that all the major browsers support 3DES. > > -Ekr > > * in other uses of TLS. It's not always obvious if there is a possible >> beast style attacks. And their implementation might really well not be >> vulnerable (due to limiting number of messages according to specs) >> >> David >> _______________________________________________ >> Cfrg mailing list >> Cfrg@irtf.org >> https://www.irtf.org/mailman/listinfo/cfrg >> > > > _______________________________________________ > Cfrg mailing list > Cfrg@irtf.org > https://www.irtf.org/mailman/listinfo/cfrg > >
- [TLS] 3DES diediedie Tony Arcieri
- Re: [TLS] [Cfrg] 3DES diediedie Benjamin Kaduk
- Re: [TLS] [Cfrg] 3DES diediedie Tony Arcieri
- Re: [TLS] [Cfrg] 3DES diediedie Tony Arcieri
- Re: [TLS] [Cfrg] 3DES diediedie Stephen Farrell
- Re: [TLS] [Cfrg] 3DES diediedie Tony Arcieri
- Re: [TLS] [Cfrg] 3DES diediedie Viktor Dukhovni
- Re: [TLS] 3DES diediedie Peter Gutmann
- Re: [TLS] 3DES diediedie Tony Arcieri
- Re: [TLS] [Cfrg] 3DES diediedie John Mattsson
- Re: [TLS] [Cfrg] 3DES diediedie Stephen Farrell
- Re: [TLS] [Cfrg] 3DES diediedie Hubert Kario
- Re: [TLS] [Cfrg] 3DES diediedie david wong
- Re: [TLS] [Cfrg] 3DES diediedie Eric Rescorla
- Re: [TLS] [Cfrg] 3DES diediedie Ira McDonald
- Re: [TLS] [Cfrg] 3DES diediedie Hubert Kario
- Re: [TLS] 3DES diediedie Geoffrey Keating
- Re: [TLS] 3DES diediedie Dmitry Belyavsky
- Re: [TLS] [Cfrg] 3DES diediedie Stanislav V. Smyshlyaev
- Re: [TLS] 3DES diediedie Hanno Böck
- Re: [TLS] [Cfrg] 3DES diediedie David McGrew (mcgrew)
- Re: [TLS] [Cfrg] 3DES diediedie Watson Ladd
- Re: [TLS] 3DES diediedie Peter Gutmann
- Re: [TLS] [Cfrg] 3DES diediedie Peter Gutmann
- Re: [TLS] [Cfrg] 3DES diediedie David McGrew (mcgrew)
- Re: [TLS] [Cfrg] 3DES diediedie Karthikeyan Bhargavan
- Re: [TLS] [Cfrg] 3DES diediedie Peter Gutmann
- Re: [TLS] [Cfrg] 3DES diediedie Peter Gutmann
- Re: [TLS] [Cfrg] 3DES diediedie Stephen Farrell
- Re: [TLS] [Cfrg] 3DES diediedie Peter Gutmann
- Re: [TLS] [Cfrg] 3DES diediedie Hubert Kario
- Re: [TLS] [Cfrg] 3DES diediedie David McGrew (mcgrew)
- Re: [TLS] [Cfrg] 3DES diediedie Joachim Strömbergson
- Re: [TLS] [Cfrg] 3DES diediedie John Mattsson
- [TLS] (confusing the issues) Re: [Cfrg] 3DES died… Rene Struik
- Re: [TLS] [Cfrg] 3DES diediedie Ilari Liusvaara
- Re: [TLS] (confusing the issues) Re: [Cfrg] 3DES … Dave Garrett
- Re: [TLS] [Cfrg] 3DES diediedie Jon Callas
- Re: [TLS] [Cfrg] (confusing the issues) Re: 3DES … Jon Callas
- Re: [TLS] [Cfrg] 3DES diediedie Steven M. Bellovin
- Re: [TLS] [Cfrg] (confusing the issues) Re: 3DES … Rene Struik
- Re: [TLS] [Cfrg] (confusing the issues) Re: 3DES … Greg Rose
- Re: [TLS] [Cfrg] 3DES diediedie Peter Gutmann
- Re: [TLS] [Cfrg] 3DES diediedie Peter Gutmann
- Re: [TLS] [Cfrg] 3DES diediedie David McGrew (mcgrew)
- Re: [TLS] [Cfrg] 3DES diediedie Peter Gutmann
- Re: [TLS] [Cfrg] 3DES diediedie Derek Atkins
- Re: [TLS] [Cfrg] 3DES diediedie Hilarie Orman
- Re: [TLS] [Cfrg] 3DES diediedie Brian Sniffen
- Re: [TLS] [Cfrg] 3DES diediedie Hilarie Orman
- Re: [TLS] [Cfrg] 3DES diediedie Derek Atkins
- Re: [TLS] [Cfrg] 3DES diediedie Steven M. Bellovin
- Re: [TLS] [Cfrg] 3DES diediedie Joachim Strömbergson
- Re: [TLS] [Cfrg] 3DES diediedie Hilarie Orman
- Re: [TLS] [Cfrg] 3DES diediedie Joachim Strömbergson
- Re: [TLS] [Cfrg] 3DES diediedie Kyle Rose
- Re: [TLS] 3DES diediedie Richard Hartmann
- Re: [TLS] [Cfrg] 3DES diediedie Derek Atkins
- Re: [TLS] [Cfrg] 3DES diediedie Hilarie Orman
- Re: [TLS] [Cfrg] 3DES diediedie Ben Laurie
- Re: [TLS] [Cfrg] 3DES diediedie Ben Laurie
- Re: [TLS] [Cfrg] 3DES diediedie Joachim Strömbergson
- Re: [TLS] [Cfrg] 3DES diediedie Derek Atkins
- Re: [TLS] [Cfrg] 3DES diediedie Dave Garrett
- Re: [TLS] [Cfrg] 3DES diediedie Ira McDonald
- Re: [TLS] [Cfrg] 3DES diediedie Philip Levis
- Re: [TLS] [Cfrg] 3DES diediedie Peter Gutmann
- Re: [TLS] [Cfrg] 3DES diediedie Joachim Strömbergson
- Re: [TLS] [Cfrg] 3DES diediedie Ilari Liusvaara
- Re: [TLS] [Cfrg] 3DES diediedie Richard Hartmann
- Re: [TLS] [Cfrg] 3DES diediedie Peter Gutmann
- Re: [TLS] [Cfrg] 3DES diediedie Salz, Rich
- Re: [TLS] [Cfrg] 3DES diediedie Tony Arcieri
- Re: [TLS] [Cfrg] 3DES diediedie Peter Gutmann
- Re: [TLS] [Cfrg] 3DES diediedie Derek Atkins
- Re: [TLS] [Cfrg] 3DES diediedie Derek Atkins
- Re: [TLS] [Cfrg] 3DES diediedie Kyle Rose
- Re: [TLS] [Cfrg] 3DES diediedie Tony Arcieri
- Re: [TLS] [Cfrg] 3DES diediedie Yoav Nir
- Re: [TLS] [Cfrg] 3DES diediedie Kyle Rose