IETF Logo Mail Archive

Re: [TLS] RC4 Considered Harmful (Was: RC4 deprecation path)

"Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk> Wed, 23 April 2014 18:16 UTC

Return-Path: <Kenny.Paterson@rhul.ac.uk>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA03C1A0499 for <tls@ietfa.amsl.com>; Wed, 23 Apr 2014 11:16:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X5hHjK8kU4PP for <tls@ietfa.amsl.com>; Wed, 23 Apr 2014 11:16:15 -0700 (PDT)
Received: from am1outboundpool.messaging.microsoft.com (am1ehsobe004.messaging.microsoft.com [213.199.154.207]) by ietfa.amsl.com (Postfix) with ESMTP id 7A1811A0495 for <tls@ietf.org>; Wed, 23 Apr 2014 11:16:15 -0700 (PDT)
Received: from mail59-am1-R.bigfish.com (10.3.201.241) by AM1EHSOBE015.bigfish.com (10.3.207.137) with Microsoft SMTP Server id 14.1.225.22; Wed, 23 Apr 2014 18:15:07 +0000
Received: from mail59-am1 (localhost [127.0.0.1]) by mail59-am1-R.bigfish.com (Postfix) with ESMTP id 06CB0405BF; Wed, 23 Apr 2014 18:15:07 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:157.56.248.5; KIP:(null); UIP:(null); IPV:NLI; H:AMSPRD0310HT003.eurprd03.prod.outlook.com; RD:none; EFVD:NLI
X-SpamScore: -5
X-BigFish: PS-5(zzbb2dI98dI148cI1dbaI1432Izz1f42h1ee6h1de0h1d18h1fdah2073h2146h1202h1e76h2189h1d1ah1d2ah21bch1fc6h208chzz1de098h8275bh1de097hz2fh109h2a8h839h944he5bhf0ah1220h1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah224fh1d0ch1d2eh1d3fh1dfeh1dffh1fe8h1ff5h209eh2216h22d0h2336h2438h2461h2487h24ach24d7h2516h2545h255eh25cch25f6h2605h262fh268bh26d3h1155h)
Received-SPF: pass (mail59-am1: domain of rhul.ac.uk designates 157.56.248.5 as permitted sender) client-ip=157.56.248.5; envelope-from=Kenny.Paterson@rhul.ac.uk; helo=AMSPRD0310HT003.eurprd03.prod.outlook.com ; .outlook.com ;
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10019001)(6009001)(428001)(189002)(199002)(479174003)(51704005)(24454002)(19580405001)(76482001)(2656002)(80976001)(77982001)(83322001)(46102001)(19580395003)(86362001)(4396001)(20776003)(83072002)(92566001)(77096999)(92726001)(74502001)(74482001)(99396002)(74662001)(31966008)(87936001)(54356999)(76176999)(85852003)(79102001)(36756003)(81342001)(81542001)(50986999)(66066001)(80022001); DIR:OUT; SFP:1102; SCL:1; SRVR:DBXPR03MB384; H:DBXPR03MB383.eurprd03.prod
Received: from mail59-am1 (localhost.localdomain [127.0.0.1]) by mail59-am1 (MessageSwitch) id 13982769007582_28962; Wed, 23 Apr 2014 18:15:00 +0000 (UTC)
Received: from AM1EHSMHS015.bigfish.com (unknown [10.3.201.237]) by mail59-am1.bigfish.com (Postfix) with ESMTP id E8EF73A0091; Wed, 23 Apr 2014 18:14:59 +0000 (UTC)
Received: from AMSPRD0310HT003.eurprd03.prod.outlook.com (157.56.248.5) by AM1EHSMHS015.bigfish.com (10.3.207.153) with Microsoft SMTP Server (TLS) id 14.16.227.3; Wed, 23 Apr 2014 18:14:51 +0000
Received: from DBXPR03MB384.eurprd03.prod.outlook.com (10.141.10.20) by AMSPRD0310HT003.eurprd03.prod.outlook.com (10.255.40.38) with Microsoft SMTP Server (TLS) id 14.16.435.0; Wed, 23 Apr 2014 18:15:52 +0000
Received: from DBXPR03MB383.eurprd03.prod.outlook.com (10.141.10.15) by DBXPR03MB384.eurprd03.prod.outlook.com (10.141.10.20) with Microsoft SMTP Server (TLS) id 15.0.921.12; Wed, 23 Apr 2014 18:15:52 +0000
Received: from DBXPR03MB383.eurprd03.prod.outlook.com ([10.141.10.15]) by DBXPR03MB383.eurprd03.prod.outlook.com ([10.141.10.15]) with mapi id 15.00.0921.000; Wed, 23 Apr 2014 18:15:51 +0000
From: "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>
To: "Salz, Rich" <rsalz@akamai.com>
Thread-Topic: [TLS] RC4 Considered Harmful (Was: RC4 deprecation path)
Thread-Index: AQHPXCtzaRoqs6xj002Wq6Mdi5x8AJsfUwuAgAANH4CAADXHgP//8LYAgAAR3QA=
Date: Wed, 23 Apr 2014 18:15:50 +0000
Message-ID: <CF7DC161.1C4FC%kenny.paterson@rhul.ac.uk>
References: <CAFggDF0Kh+F3R+NtKZ-WhQWn3gO9quGhaFL8Qnx1a6TiVbAmGQ@mail.gmail.com> <20140423150707.F18C11ACDB@ld9781.wdf.sap.corp> <CACsn0cmP6pp_aMYrCb3-4QBae6v8uuNQYZZW8jxnMaSgPy8SXA@mail.gmail.com> <CF7DBB70.1C4C6%kenny.paterson@rhul.ac.uk> <2A0EFB9C05D0164E98F19BB0AF3708C7120C35E25E@USMBX1.msg.corp.akamai.com>
In-Reply-To: <2A0EFB9C05D0164E98F19BB0AF3708C7120C35E25E@USMBX1.msg.corp.akamai.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.4.1.140326
x-originating-ip: [134.219.227.30]
x-forefront-prvs: 01901B3451
Content-Type: text/plain; charset="us-ascii"
Content-ID: <F424B2EF5463694BA2FA7B0A7B1D9C4C@eurprd03.prod.outlook.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: rhul.ac.uk
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/U8HsPk-8b8QFiPE9wW6Sn1_RoKo
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] RC4 Considered Harmful (Was: RC4 deprecation path)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Apr 2014 18:16:17 -0000

On 23/04/2014 19:12, "Salz, Rich" <rsalz@akamai.com> wrote:

>Thanks for posting; it's great to have a cryptographer weigh in.
>
>So, at the risk of putting you on the spot:  what do you think we
>(TLS-WG) should do?
>

I think we should deprecate RC4 now, in the hope that in the medium term,
we can reduce the amount of RC4 being negotiated in TLS.

As others have said, the RFC, if published, gives a useful stick with
which to beat the appropriate people/argue for change.

Cheers

Kenny

v2.23.0 | Report a Bug | By Email