Re: [TLS] Fixing TLS

Ilari Liusvaara <ilariliusvaara@welho.com> Thu, 14 January 2016 05:06 UTC

Return-Path: <ilariliusvaara@welho.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B7BE1A8FD7 for <tls@ietfa.amsl.com>; Wed, 13 Jan 2016 21:06:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X_CWHY-UQPx0 for <tls@ietfa.amsl.com>; Wed, 13 Jan 2016 21:06:36 -0800 (PST)
Received: from welho-filter3.welho.com (welho-filter3.welho.com [83.102.41.25]) by ietfa.amsl.com (Postfix) with ESMTP id 00F061A903F for <tls@ietf.org>; Wed, 13 Jan 2016 21:06:35 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by welho-filter3.welho.com (Postfix) with ESMTP id 4E4F4425; Thu, 14 Jan 2016 07:06:34 +0200 (EET)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp1.welho.com ([IPv6:::ffff:83.102.41.84]) by localhost (welho-filter3.welho.com [::ffff:83.102.41.25]) (amavisd-new, port 10024) with ESMTP id ZnEGYDnC1RZx; Thu, 14 Jan 2016 07:06:33 +0200 (EET)
Received: from LK-Perkele-V2 (87-92-35-116.bb.dnainternet.fi [87.92.35.116]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by welho-smtp1.welho.com (Postfix) with ESMTPSA id 3013B286; Thu, 14 Jan 2016 07:06:33 +0200 (EET)
Date: Thu, 14 Jan 2016 07:06:30 +0200
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Message-ID: <20160114050629.GA23796@LK-Perkele-V2.elisa-laajakaista.fi>
References: <9A043F3CF02CD34C8E74AC1594475C73F4BC6849@uxcn10-5.UoA.auckland.ac.nz> <9A043F3CF02CD34C8E74AC1594475C73F4BC727B@uxcn10-5.UoA.auckland.ac.nz> <CACsn0ckao2wyptscLq1feQUWyPkkHm6mmarF=7roWv8vGAZkxA@mail.gmail.com> <1697088.4ma2uCFsM4@pintsize.usersys.redhat.com> <9A043F3CF02CD34C8E74AC1594475C73F4BC7853@uxcn10-5.UoA.auckland.ac.nz> <94395a3c029c493eb491eb3db90e3ed1@usma1ex-dag1mb1.msg.corp.akamai.com> <9A043F3CF02CD34C8E74AC1594475C73F4BC815F@uxcn10-5.UoA.auckland.ac.nz>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C73F4BC815F@uxcn10-5.UoA.auckland.ac.nz>
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: ilariliusvaara@welho.com
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/Gh61MlR7i5gXOGM9nFmoX1rBj4w>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Fixing TLS
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Jan 2016 05:06:38 -0000

On Thu, Jan 14, 2016 at 12:14:48AM +0000, Peter Gutmann wrote:
> Salz, Rich <rsalz@akamai.com>; writes:
> 
> >> TLS needs an LTS version that you can just push out and leave to its own
> >> devices
> >
> >So don't you have that with TLS 1.1 and appropriate cipher and option
> >choices?
> 
> Based on the feedback I've had, I'm kinda tempted to do a TLS 1.2 LTS draft
> that specifices just a single boolean flag, "use this known-good configuration
> and not the 6.023e23 other ones and you should be good for the next decade or
> so".  That can then be baked into long-term systems and devices and left alone
> while people get on with other things.

To actually fix the known problems with TLS 1.2, you would at minimum
need a new extension, since there is currently no way to fix the broken
server authentication.

Then there are the other security fix extensions (at least three already).
Those all would need to be impiled.

And then there is the TLS 1.2 Diffie-Hellman issue...


-Ilari