Re: [TLS] Consensus Call for acceptance of draft-gillmor-tls-negotiated-dl-dhe-02

Nikos Mavrogiannopoulos <nmav@redhat.com> Tue, 24 June 2014 09:24 UTC

Message-ID: <1403601849.2337.50.camel@dhcp-2-127.brq.redhat.com>
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
To: Watson Ladd <watsonbladd@gmail.com>
Date: Tue, 24 Jun 2014 11:24:09 +0200
In-Reply-To: <CACsn0cmWTMo4sbSem1UjtvtnGAAtW6JFNVdg=J3t7GyuLoaG=Q@mail.gmail.com>
References: <C5353235-60DA-4193-BEE5-38FBD0D531AE@cisco.com> <53A8EC80.3060309@iki.fi> <CACsn0cmWTMo4sbSem1UjtvtnGAAtW6JFNVdg=J3t7GyuLoaG=Q@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/DsvabnCueJCUU4hf6xeNHHaRURk
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Consensus Call for acceptance of draft-gillmor-tls-negotiated-dl-dhe-02

On Mon, 2014-06-23 at 21:19 -0700, Watson Ladd wrote:
> Dear all,
> 
> I'm very undecided about this proposal. While it does solve a security
> issue in TLS, so does disabling DHE in favor of ECDH. It's likely that
> this extension will not be widely deployed, and DHE without the
> extension is insecure. I think we run the risk of implementations
> supporting DHE, ostensibly with the extension, but in practice still
> vulnerable to Triple DH. Given the performance disadvantages of DHE
> compared with ECDH, I don't really see a benefit to supporting it,
> given that legacy implementations will not support this extension.

The disadvantage of what you propose is that we stick with ECDHE, and on
the first vulnerability known for the ECDHE ciphersuites we have no
alternative to fall back on (note that the proposal solves a compatibility
issue of the DHE ciphersuites; it is not solely a security enhancement
as you imply - see the abstract and introduction).

regards,
Nikos