Return-Path: X-Original-To: tls@ietfa.amsl.com Delivered-To: tls@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D96951A903B for ; Wed, 16 Sep 2015 16:14:52 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.019 X-Spam-Level: X-Spam-Status: No, score=-0.019 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FRT_PROFILE2=1.981, SPF_PASS=-0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gNCzFkbM1JDH for ; Wed, 16 Sep 2015 16:14:51 -0700 (PDT) Received: from mail-qk0-x232.google.com (mail-qk0-x232.google.com [IPv6:2607:f8b0:400d:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5F3AE1A903A for ; Wed, 16 Sep 2015 16:14:51 -0700 (PDT) Received: by qkfq186 with SMTP id q186so492641qkf.1 for ; Wed, 16 Sep 2015 16:14:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:user-agent:cc:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; bh=wh7hcYWk6iBVZ1AkiwtapzezyB2vYwQ5B3WJ89rafmU=; b=UhmNknGzu48M0yy6tqm219EdertoXPhGyHZpRONoYti3/+wshw1VJSlW4i3k5dPa51 bJhLjZR0yDHuebfr3YyC9sqScccJBkSeUZ4geN37lGEf1hEoEWDctDrS+21ZLvhgVznt upNYGSPHtcBV+QwIvICkN4VrhN9R9Vjtzd7WDKw6V8pkDyKhZnwWK1a72AWdbybL/NGr 7E3q7rlmyqQ8HExDTqyclBykkFGJI7VG86eaJXcAOoS3c0uJSzRpqJkAD8IYR6eIhs5A kuNFoIa9tg2b0HK+DCeLHtBIbHFtJF6ZN6VHCTDUq37BH7zr5jkluudnfgYFHq9YtWS6 d9Nw== X-Received: by 10.55.33.74 with SMTP id h71mr46309894qkh.71.1442445290636; Wed, 16 Sep 2015 16:14:50 -0700 (PDT) Received: from dave-laptop.localnet (pool-72-94-152-197.phlapa.fios.verizon.net. [72.94.152.197]) by smtp.gmail.com with ESMTPSA id e197sm68322qhc.30.2015.09.16.16.14.50 (version=TLSv1 cipher=RC4-SHA bits=128/128); Wed, 16 Sep 2015 16:14:50 -0700 (PDT) From: Dave Garrett To: Nico Williams Date: Wed, 16 Sep 2015 19:14:48 -0400 User-Agent: KMail/1.13.5 (Linux/2.6.32-74-generic-pae; KDE/4.4.5; i686; ; ) References: <201509161837.21743.davemgarrett@gmail.com> <20150916230024.GS13294@localhost> In-Reply-To: <20150916230024.GS13294@localhost> MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <201509161914.48720.davemgarrett@gmail.com> Archived-At: Cc: tls@ietf.org Subject: Re: [TLS] TLS Provfiles (Was: Call for consensus to remove anonymous DH) X-BeenThere: tls@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Sep 2015 23:14:53 -0000 On Wednesday, September 16, 2015 07:00:25 pm Nico Williams wrote: > On Wed, Sep 16, 2015 at 06:37:21PM -0400, Dave Garrett wrote: > > On Wednesday, September 16, 2015 05:38:27 pm Viktor Dukhovni wrote: > > > On Wed, Sep 16, 2015 at 03:03:54PM -0400, Dave Garrett wrote: > > > > The suggestion that started this thread was to have a "Standard TLS Profile" > > > > that actually allowed EXPORT ciphers & SSL3. So yeah, this proposal feels > > > > like a suggestion to keep allowance of obsolete junk as the norm with > > > > "defensive" as a separate option, because that's what it specifically > > > > says. > > > > > > Object to such a profile, and rather than the idea of profiles. > > > There is no need for the TLS WG to define any profiles that include > > > SSL3 or EXPORT ciphers. > > > > That's a fair point, but I don't see the need for a profile once that > > stuff is not allowed anywhere. I could accept the notion of a TLS > > of weaker ciphers, so that we don't have physically splice it in here> Understood and agreed with. Opportunistic encryption gets to do things weird, and that's fine. It could get it's own document, which you could call a profile, but again, that's not the core of what was actually suggested. The start of this was a suggestion of OE, "standard" as crap, and "defensive" for non-crap. > > strict mode, where it's TLS 1.2 + PFS + AEAD + no > > SHA1/DSA/SSL2HELLO/etc. only, but that's not really a "profile" so > > much as one paragraph that could be added. Application profiles are > > already a thing, so I don't see why we also need a new mechanism here. > > It's a profile. Call it what you will. The rest of us call this a > profile. All the more so when profiles are named in an IANA registry. > Applications can then very trivially select an appropriate TLS profile > using standard profile naming. Yeah, we don't need to argue semantics. My point is that I'd agree with a more strict profile than what we have now as an addon, but not a more permissive profile, as was the initial suggestion. > > Let me put it this way, I see no way for the WG to reasonably agree on > > this without a proposed _set_ of profiles to go with it that we all > > could also live with. Just the vague notion of more profiles in > > abstract isn't sounding great on its own. > > We've certainly had a few proposed profiles over time. Your estimation > of what the WG would or would not agree to is not as interesting as, you > know, actually attempting to get consensus. Agreed, which is why I think this discussion would be more useful with actual specific profiles to talk about. ;) Dave