[TLS] RC4 depreciation path (Re: Deprecating more (DSA?))

Watson Ladd <watsonbladd@gmail.com> Sat, 19 April 2014 06:03 UTC

Date: Fri, 18 Apr 2014 23:03:44 -0700
Message-ID: <CACsn0cnZFScA1WnitpHH--6_Kd0spfLQvmvniyCSnUmvr8xVhg@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: Brian Sniffen <bsniffen@akamai.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/IlQLyHGuHxZmnCAbzfzlf2Fyc3g
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: [TLS] RC4 depreciation path (Re: Deprecating more (DSA?))

On Thu, Apr 17, 2014 at 9:15 AM, Brian Sniffen <bsniffen@akamai.com> wrote:
> Alyssa Rowan <akr@akr.io> writes:
>
>> It looks like RC4 is rapidly heading for the chopping block, with
>> basically unanimous consensus. Good.
>
> Agreed, mod Martin's proposal that I understand to ask for a reasonable
> path by which we strongly deprecate RC4 on clients, then after a client
> generation ban RC4 on clients and deprecate for servers.

I don't think this is the correct path. I think what we should do is
have clients and servers both prefer other options (in all TLS
versions), then once that change is made, ban it entirely. Deprecation
on one side won't affect the other side if there isn't an alternative
mandated. (Right now RC4-only servers are keeping RC4 alive.)

This first step has already happened in the web context on modern
browsers. What we need is to make the server-side step happen, and
then think about removal in the second step.

Sadly, our ability to force upgrades is very limited.

How long a client generation were you thinking? Because I could see
cryptanalysis speeding up: RC4 has been neglected for about 12 years
after WEP, but the new techniques of massive brute force coupled with
some good idea might bear fruit sooner than expected.

Sincerely,
Watson Ladd



-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither Liberty nor Safety."
-- Benjamin Franklin
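
The two-step path argued for in this message (both sides prefer other suites first, then ban RC4) can be checked with a small negotiation model. This is an added example, not part of the original message; the server population and cipher lists are constructed for illustration, and the model assumes the server picks the first mutually supported suite.

```python
# Added illustration: constructed peers, not measurements of real deployments.
RC4 = "TLS_RSA_WITH_RC4_128_SHA"
AES_GCM = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
AES_CBC = "TLS_RSA_WITH_AES_128_CBC_SHA"

def negotiate(client, server, server_order=True):
    """Return the suite the server selects, or None if the handshake fails.

    The server walks its own list when server_order is True, otherwise it
    honours the client's order; the first mutually supported suite wins.
    """
    first, second = (server, client) if server_order else (client, server)
    for suite in first:
        if suite in second:
            return suite
    return None

def phase(client, servers, server_order=True):
    """Negotiate one client configuration against every server."""
    return {name: negotiate(client, offered, server_order)
            for name, offered in servers.items()}

def rc4_exposure(results):
    """Servers with which the connection still ends up on RC4."""
    return sorted(n for n, s in results.items() if s == RC4)

def broken(results):
    """Servers with which no suite could be agreed."""
    return sorted(n for n, s in results.items() if s is None)

# Hypothetical server population before any server-side change.
SERVERS_TODAY = {
    "legacy_rc4_only": [RC4],
    "rc4_first": [RC4, AES_CBC, AES_GCM],
    "modern": [AES_GCM, AES_CBC, RC4],
}
# Step 1 applied on the server side: an alternative exists and is preferred.
SERVERS_STEP1 = {name: [AES_GCM, AES_CBC, RC4] for name in SERVERS_TODAY}

CLIENT_PREFERS_OTHER = [AES_GCM, AES_CBC, RC4]  # step 1 on the client
CLIENT_BANS_RC4 = [AES_GCM, AES_CBC]            # step 2 on the client

if __name__ == "__main__":
    for label, servers in (("today", SERVERS_TODAY), ("step 1", SERVERS_STEP1)):
        prefer = phase(CLIENT_PREFERS_OTHER, servers)
        ban = phase(CLIENT_BANS_RC4, servers)
        print(label, "| still RC4:", rc4_exposure(prefer),
              "| broken by ban:", broken(ban))
```

With the constructed population, client-side preference alone leaves RC4 in use wherever the server insists on it, and a client-side ban breaks only the RC4-only server; after the server-side step neither problem remains.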