[TLS] 1.0 or else (was Re: Working Group Last Call for draft-ietf-tls-sslv3-diediedie-00)

Martin Thomson <martin.thomson@gmail.com> Thu, 29 January 2015 05:05 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id DDA101A8BB5 for <tls@ietfa.amsl.com>; Wed, 28 Jan 2015 21:05:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 10Dv0OZ7iLjx for <tls@ietfa.amsl.com>; Wed, 28 Jan 2015 21:05:02 -0800 (PST)
Received: from mail-oi0-x231.google.com (mail-oi0-x231.google.com [IPv6:2607:f8b0:4003:c06::231]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 903D01A1BB3 for <tls@ietf.org>; Wed, 28 Jan 2015 21:05:02 -0800 (PST)
Received: by mail-oi0-f49.google.com with SMTP id a3so23261018oib.8 for <tls@ietf.org>; Wed, 28 Jan 2015 21:04:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:cc:content-type; bh=ycRglzXhn8s/cFCFYL0atbCbzkGF1EP3672W772a57Q=; b=flloKY/n5t4ZMrh0qRC4b3VBAw5g+t4Z1snLVD29MiKO3XLo+oRl/Bm7mf8DBoW3hX fXBHGcq5KyGZ72pDiltz9+vjXBlwZO4zmAZER0cODBAooz4PnpO2kxI+lkYEj0trMgZ5 BGyZTHXPK0ZJUlonyNxFK1oxbxiNgRfwB79pj6hgMzEXSu6A8cGutk5BfgsIkFKpov58 Kz5vtR1nqZ/fZqgEoSNBwSk+aHLUY7RRZ+/7BHSEXacPbFutjc8VaWkA5DV0i+FQNkfB lPWYjvubaPMSXMzCUpanXY3VgjuBN5LVvSh8KLUMN6yndceFxpTHOk6IgdS6S2PPnyUi lzqA==
MIME-Version: 1.0
X-Received: by with SMTP id n204mr4153599oib.77.1422507899638; Wed, 28 Jan 2015 21:04:59 -0800 (PST)
Received: by with HTTP; Wed, 28 Jan 2015 21:04:59 -0800 (PST)
Date: Wed, 28 Jan 2015 21:04:59 -0800
Message-ID: <CABkgnnXGhv3RY24za701svnjepb8ehSp8jA90zCN6dJWMZGs5Q@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: "mrex@sap.com" <mrex@sap.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/MPQl68ZUmzLRXSODiCZ52-psVTU>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: [TLS] 1.0 or else (was Re: Working Group Last Call for draft-ietf-tls-sslv3-diediedie-00)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Jan 2015 05:05:05 -0000

On 28 January 2015 at 15:31, Martin Rex <mrex@sap.com> wrote:
> That's not quite true.  There es little, if any stuff outside of the
> browser world that could go to > extension-less TLSv1.0, because there
> are still too many servers out there that will abort the handshake
> when extensions are present or when the version is > TLSv1.0.

Our limited survey thus far has identified only a small number (0.27%)
of sites [1][2] that can't handle our TLS 1.2 handshake [3], even
though they will tolerate our TLS 1.0 handshake.  In contrast,
disabling SSL3 affected more than twice this amount.

Note that we don't drop extensions now that SSL3 is disabled, so we
have no information on Martin's claims of extension intolerance.

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=1084025#c96
[2] https://bugzilla.mozilla.org/show_bug.cgi?id=1084025#c99
[3] We use a TLS 1.0 record layer, 1.2 ClientHello and a modest set of