Re: [TLS] Fwd: New Version Notification for draft-sheffer-tls-bcp-00.txt
Patrick Pelletier <code@funwithsoftware.org> Mon, 09 September 2013 01:39 UTC
Return-Path: <code@funwithsoftware.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C2AC421F99B7 for <tls@ietfa.amsl.com>; Sun, 8 Sep 2013 18:39:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.357
X-Spam-Level:
X-Spam-Status: No, score=-2.357 tagged_above=-999 required=5 tests=[AWL=0.242, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2Zp8R6MYmcVO for <tls@ietfa.amsl.com>; Sun, 8 Sep 2013 18:39:10 -0700 (PDT)
Received: from asbnvacz-mailrelay01.megapath.net (asbnvacz-mailrelay01.megapath.net [207.145.128.243]) by ietfa.amsl.com (Postfix) with ESMTP id 7C5A621F8517 for <tls@ietf.org>; Sun, 8 Sep 2013 18:39:10 -0700 (PDT)
Received: from mail8.sea5.speakeasy.net (mail8.sea5.speakeasy.net [69.17.117.53]) by asbnvacz-mailrelay01.megapath.net (Postfix) with ESMTP id 9A8241EE4FB8 for <tls@ietf.org>; Sun, 8 Sep 2013 21:39:08 -0400 (EDT)
Received: (qmail 503 invoked from network); 9 Sep 2013 01:39:08 -0000
Received: by simscan 1.4.0 ppid: 24876, pid: 17595, t: 1.7054s scanners: clamav: 0.88.2/m:52/d:13495 spam: 3.0.4
Received: from dsl017-096-185.lax1.dsl.speakeasy.net (HELO PatrickMBP.local) (ppelleti@[69.17.96.185]) (envelope-sender <code@funwithsoftware.org>) by mail8.sea5.speakeasy.net (qmail-ldap-1.03) with AES256-SHA encrypted SMTP for <tls@ietf.org>; 9 Sep 2013 01:39:06 -0000
Message-ID: <522D26B8.80107@funwithsoftware.org>
Date: Sun, 08 Sep 2013 18:39:04 -0700
From: Patrick Pelletier <code@funwithsoftware.org>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:16.0) Gecko/20121026 Thunderbird/16.0.2
MIME-Version: 1.0
To: tls@ietf.org, perpass@ietf.org
References: <20130907224638.32356.96972.idtracker@ietfa.amsl.com> <522C3497.9020301@gmail.com>
In-Reply-To: <522C3497.9020301@gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [TLS] Fwd: New Version Notification for draft-sheffer-tls-bcp-00.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Sep 2013 01:39:15 -0000
One thing which I feel is missing is recommendations on the size of Diffie-Hellman parameters. It seems generally accepted that 1024-bit Diffie-Hellman is no longer secure, and yet that's what most folks are still using. How about something along the lines of "Diffie-Hellman parameters of at least 2048 bits SHOULD be chosen"? --Patrick On 9/8/13 1:25 AM, Yaron Sheffer wrote: > This is an early version of my proposal for a BCP-like document, to > inform the industry on what can be done with existing implementations, > while TLS 1.3 is still not ready. > > I would appreciate your comments of course. Specifically, > I would like to fill in the Implementation Status table (Sec. 5) and > would be glad to receive solid information (dates, planned dates, > version numbers) from implementers. > > Thanks, > Yaron > > -------- Original Message -------- > Subject: New Version Notification for draft-sheffer-tls-bcp-00.txt > Date: Sat, 07 Sep 2013 15:46:38 -0700 > From: internet-drafts@ietf.org > To: Yaron Sheffer <yaronf.ietf@gmail.com> > > > A new version of I-D, draft-sheffer-tls-bcp-00.txt > has been successfully submitted by Yaron Sheffer and posted to the > IETF repository. > > Filename: draft-sheffer-tls-bcp > Revision: 00 > Title: Recommendations for Secure Use of TLS and DTLS > Creation date: 2013-09-08 > Group: Individual Submission > Number of pages: 8 > URL: http://www.ietf.org/internet-drafts/draft-sheffer-tls-bcp-00.txt > Status: http://datatracker.ietf.org/doc/draft-sheffer-tls-bcp > Htmlized: http://tools.ietf.org/html/draft-sheffer-tls-bcp-00 > > > Abstract: > Over the last few years there have been several serious attacks on > TLS, including attacks on its most commonly used ciphers and modes of > operation. This document offers recommendations on securely using > the TLS and DTLS protocols, given existing standards and > implementations. > > > > > > Please note that it may take a couple of minutes from the time of > submission > until the htmlized version and diff are available at tools.ietf.org. > > The IETF Secretariat
- [TLS] Fwd: New Version Notification for draft-she… Yaron Sheffer
- Re: [TLS] Fwd: New Version Notification for draft… Paterson, Kenny
- Re: [TLS] Fwd: New Version Notification for draft… Patrick Pelletier
- Re: [TLS] Fwd: New Version Notification for draft… Peter Gutmann
- Re: [TLS] Fwd: New Version Notification for draft… Patrick Pelletier
- Re: [TLS] [perpass] Fwd: New Version Notification… Yoav Nir
- Re: [TLS] [perpass] Fwd: New Version Notification… Nikos Mavrogiannopoulos
- Re: [TLS] Fwd: New Version Notification for draft… Stephen Farrell
- Re: [TLS] Fwd: New Version Notification for draft… Michael Ströder
- Re: [TLS] New Version Notification for draft-shef… Yoav Nir
- Re: [TLS] Fwd: New Version Notification for draft… Yaron Sheffer
- Re: [TLS] Fwd: New Version Notification for draft… Patrick Pelletier
- Re: [TLS] Fwd: New Version Notification for draft… Hanno Böck
- Re: [TLS] Fwd: New Version Notification for draft… Peter Gutmann
- Re: [TLS] New Version Notification for draft-shef… james hughes
- Re: [TLS] Fwd: New Version Notification for draft… Sean Turner
- Re: [TLS] Fwd: New Version Notification for draft… Yaron Sheffer