[TLS] Some questions about TLS False Start and symmetric ciphers.
Fabrice Gautier <fabrice.gautier@gmail.com> Wed, 08 January 2014 21:59 UTC
Return-Path: <fabrice.gautier@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 874191ACC91 for <tls@ietfa.amsl.com>; Wed, 8 Jan 2014 13:59:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qQIDRDsKWu44 for <tls@ietfa.amsl.com>; Wed, 8 Jan 2014 13:59:44 -0800 (PST)
Received: from mail-wg0-x22e.google.com (mail-wg0-x22e.google.com [IPv6:2a00:1450:400c:c00::22e]) by ietfa.amsl.com (Postfix) with ESMTP id BA3561AC3FA for <tls@ietf.org>; Wed, 8 Jan 2014 13:59:43 -0800 (PST)
Received: by mail-wg0-f46.google.com with SMTP id m15so2008479wgh.13 for <tls@ietf.org>; Wed, 08 Jan 2014 13:59:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to:content-type; bh=s8tFyzaf+C+7VapqAPWSHTJ4Ck2GjHdLMfvDmpaU6xs=; b=S60qpzi72EdAzLRM7pceBfDjwKRzwkE3fhxU4NidIyN2oG2eeqZb8gaxe2sjGLgXE2 yIkrOcBQx0WxU7Y5e1ZKS6t265mrNXIygR9Mh0/QUuAFILwBIteGCkCRU2ee3nSw909H +XCy/aff4fHOx+3QwM2X+8MZiOyHv2cFdXu7WZ2BALelT8YZC2ocZvKoHEjDygyvLsUu aIfCyvJpOmZP0K5EZAcrlsRWd4Zz7WB663P7jYibWiv74VFJ5vFJS8g8q1T6hg4Hoqic ac6jbUTRihHI1vubR5BWa7oL5z7EHskNxbt+9jpeHsZwpWqRtG9LPTTCTAuaENQEIr8B WYOg==
X-Received: by 10.180.205.162 with SMTP id lh2mr95114wic.57.1389218373874; Wed, 08 Jan 2014 13:59:33 -0800 (PST)
MIME-Version: 1.0
Received: by 10.216.84.202 with HTTP; Wed, 8 Jan 2014 13:59:12 -0800 (PST)
From: Fabrice Gautier <fabrice.gautier@gmail.com>
Date: Wed, 08 Jan 2014 13:59:12 -0800
Message-ID: <CANOyrg9m6iQ94Vk+eQ752DJkv6w97qDNADQmg+WmR+fOQ1WXLg@mail.gmail.com>
To: "<tls@ietf.org>" <tls@ietf.org>
Content-Type: text/plain; charset="ISO-8859-1"
Subject: [TLS] Some questions about TLS False Start and symmetric ciphers.
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jan 2014 21:59:45 -0000
Hi all, A couple questions: 1) http://tools.ietf.org/html/draft-bmoeller-tls-falsestart-00 is a few years old. Was there any intent to make this an actual RFC at some point ? 2) What was the rational for leaving some symmetric ciphers out of the white list. In particular, why was 3DES not part of the whitelist, and should RC4 still be on the whitelist ? My understanding is that the purpose of the whitelist was that an attacker would not be able downgrade to a trivially brute forceable cipher (e.g.: NULL, single DES...). My understanding is that even the best attacks on 3DES and RC4 still require an attacker to capture many messages, so that capturing a single encrypted message due to false start does not give you much advantage. Or putting it another way: If a cipher is considered not good enough for False Start, why would it be good enough for TLS without False Start ? Thanks -- Fabrice
- [TLS] Some questions about TLS False Start and sy… Fabrice Gautier
- Re: [TLS] Some questions about TLS False Start an… Adam Langley
- Re: [TLS] Some questions about TLS False Start an… Nikos Mavrogiannopoulos
- Re: [TLS] Some questions about TLS False Start an… Bodo Moeller