IETF Logo Mail Archive

Re: [TLS] Should CCM_8 CSs be Recommended?

"Salz, Rich" <rsalz@akamai.com> Wed, 04 October 2017 11:58 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7CCDC1243F6 for <tls@ietfa.amsl.com>; Wed, 4 Oct 2017 04:58:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.001
X-Spam-Level:
X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5kYgQmwfS8vl for <tls@ietfa.amsl.com>; Wed, 4 Oct 2017 04:58:28 -0700 (PDT)
Received: from mx0a-00190b01.pphosted.com (mx0a-00190b01.pphosted.com [67.231.149.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7008D132397 for <tls@ietf.org>; Wed, 4 Oct 2017 04:58:28 -0700 (PDT)
Received: from pps.filterd (m0122332.ppops.net [127.0.0.1]) by mx0a-00190b01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id v94BvTi8016575; Wed, 4 Oct 2017 12:58:26 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=jan2016.eng; bh=RYjd8QJXrHWJr0NYh80NIAu9UVKpJ92FyTg7RHMn2Cw=; b=YWmH9SYYmoh/sH/zP6u9QsG9Dz7s6c30W+jLFNUu3g7CTsoHti6oMEdw5/I9lRJk0yrO rWNfvG1OfRIui55N6UQy+t9wFsFy0hubYsdBWGldgVNblTekCu9S94Mh5deGmXNd35Dk glVoY57tV/TyDiAMMhwsY29arWcIJq2yXn//56lZuIAxNcqC0YwUA7y0syX1MSUeLWxA 6lwJJIXfROWCBujlmo8txe/2C2GZSfCBjPva0ahaaY10gEvbYZprNQYWcTKAYKz3vzlf +7scgFeTvg3rNr6guZgwnZ4nWpiaGIb5FUiuNlRvgUOuFtf+n5tfkfp88qjVpkNZTDot pg==
Received: from prod-mail-ppoint2 (prod-mail-ppoint2.akamai.com [184.51.33.19]) by mx0a-00190b01.pphosted.com with ESMTP id 2da3ah3abj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 04 Oct 2017 12:58:26 +0100
Received: from pps.filterd (prod-mail-ppoint2.akamai.com [127.0.0.1]) by prod-mail-ppoint2.akamai.com (8.16.0.21/8.16.0.21) with SMTP id v94BuQLO015605; Wed, 4 Oct 2017 07:58:25 -0400
Received: from email.msg.corp.akamai.com ([172.27.25.32]) by prod-mail-ppoint2.akamai.com with ESMTP id 2dcksmhess-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 04 Oct 2017 07:58:25 -0400
Received: from USTX2EX-DAG1MB1.msg.corp.akamai.com (172.27.27.101) by ustx2ex-dag1mb1.msg.corp.akamai.com (172.27.27.101) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Wed, 4 Oct 2017 06:58:24 -0500
Received: from USTX2EX-DAG1MB1.msg.corp.akamai.com ([172.27.6.131]) by ustx2ex-dag1mb1.msg.corp.akamai.com ([172.27.6.131]) with mapi id 15.00.1263.000; Wed, 4 Oct 2017 06:58:24 -0500
From: "Salz, Rich" <rsalz@akamai.com>
To: Sean Turner <sean@sn3rd.com>, "<tls@ietf.org>" <tls@ietf.org>
Thread-Topic: [TLS] Should CCM_8 CSs be Recommended?
Thread-Index: AQHTPJqL5DOxVoyYS0CQv5KHiX0PRaLT6sSA
Date: Wed, 04 Oct 2017 11:58:23 +0000
Message-ID: <A77ED838-9A38-41AB-B063-FC6BE6996373@akamai.com>
References: <CA26DC83-9524-4CDA-910A-7FDCBF73F849@sn3rd.com>
In-Reply-To: <CA26DC83-9524-4CDA-910A-7FDCBF73F849@sn3rd.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.26.0.170902
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.19.32.242]
Content-Type: text/plain; charset="utf-8"
Content-ID: <D3AB7290416513448BF410C237A2C3D0@akamai.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-10-04_06:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000 definitions=main-1710040172
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-10-04_06:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000 definitions=main-1710040172
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/TbIF9QYV3-1Ji25VrwT86Q0FZew>
Subject: Re: [TLS] Should CCM_8 CSs be Recommended?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Oct 2017 11:58:29 -0000

➢  We’re recommending that these five suites be dropped from the recommended list.  Please let us know what you think.
    

Does “recommended” mean for general use, in the public Internet?  Or is it “I know it when I see it” kind of thing?

Either way, I support un-recommending them

v2.23.0 | Report a Bug | By Email