Re: [TLS] prohibit <1.2 support on 1.3+ servers (but allow clients)

Martin Thomson <martin.thomson@gmail.com> Thu, 21 May 2015 23:29 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 530F01A90AD for <tls@ietfa.amsl.com>; Thu, 21 May 2015 16:29:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.101
X-Spam-Level:
X-Spam-Status: No, score=-0.101 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 061ExjCdAOBC for <tls@ietfa.amsl.com>; Thu, 21 May 2015 16:29:16 -0700 (PDT)
Received: from mail-yk0-x235.google.com (mail-yk0-x235.google.com [IPv6:2607:f8b0:4002:c07::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0E5AE1A88F0 for <tls@ietf.org>; Thu, 21 May 2015 16:29:16 -0700 (PDT)
Received: by ykfr66 with SMTP id r66so857831ykf.0 for <tls@ietf.org>; Thu, 21 May 2015 16:29:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=FJL5gPG4vf34L3J3t72TSzPH0N081Mo8Nnr8BVtRsQ4=; b=MMQeV1Pr/YfCsRXQli4kgKJ26OV6OHVi4pM9MOuT1FGSvVLWqaoluC83Nw2WNgnjDA EVnotKfpIM1BHR104klam7CUNY3rWpBCXM5uZfwa3FroTS+IhhOpc+xwWce9Nlq3bkZS DOmCRWu2CLJFLAMYBa3GMdz6anCnHKkZKJC67GyxANXhHMTfzARMAEdLWF+qiCsBA+bw 2NM7HrPZv4svkIaXoQXRBNjJ3gPWF56JlciSGMCjO4dsclI6nKBEG544mqYPZGgq47u3 unThC/U0DfwDyHB3TEF58pa5s7RqpBuw96sok8E3mSroBltmrL8rFJx+xNNGs5SCfxe4 ZnzQ==
MIME-Version: 1.0
X-Received: by 10.236.13.16 with SMTP id a16mr5222676yha.93.1432250955489; Thu, 21 May 2015 16:29:15 -0700 (PDT)
Received: by 10.13.247.71 with HTTP; Thu, 21 May 2015 16:29:15 -0700 (PDT)
In-Reply-To: <201505211210.43060.davemgarrett@gmail.com>
References: <201505211210.43060.davemgarrett@gmail.com>
Date: Thu, 21 May 2015 16:29:15 -0700
Message-ID: <CABkgnnW-3ccJqM634dtjgqLGbc11Z2LgFFxpC2EjF-8dKk4o2A@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Dave Garrett <davemgarrett@gmail.com>
Content-Type: text/plain; charset=UTF-8
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/QcALW-6yE-B71JF8sHqvGvFY3z8>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] prohibit <1.2 support on 1.3+ servers (but allow clients)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 May 2015 23:29:17 -0000

On 21 May 2015 at 09:10, Dave Garrett <davemgarrett@gmail.com>; wrote:
>
> 2) For TLS 1.3, add a blurb to the effect of:
> "Server TLS implementations supporting TLS 1.3 or later MUST NOT negotiate TLS 1.0 or TLS 1.1 for any reason.
> Client TLS implementations are RECOMMENDED to not support old TLS versions, where possible."

I don't think that this is the right way to do this.

I'm happy to be the one wielding the stick when the time is right, but
I probably won't come here to do it.

Implementations and operators of those implementations will make that
determination on their own, based on their own needs.  For example, we
support crappy crypto on the Firefox download site - including SSL3 -
on the basis that it makes more sense to allow clients who only
support SSL3 to download our software.  That way, they might get an
approximation of good crypto rather than being left with the rubbish
they have.

We have a very different policy for our accounts servers, of course.