IETF Logo Mail Archive

Re: [TLS] RC4 cipher with NNTP (RFC 4642)

Sean Turner <sean@sn3rd.com> Fri, 04 September 2015 00:58 UTC

Return-Path: <sean@sn3rd.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E4F81A6F91 for <tls@ietfa.amsl.com>; Thu, 3 Sep 2015 17:58:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.701
X-Spam-Level:
X-Spam-Status: No, score=-1.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sVClyerldSG4 for <tls@ietfa.amsl.com>; Thu, 3 Sep 2015 17:58:48 -0700 (PDT)
Received: from mail-qk0-x229.google.com (mail-qk0-x229.google.com [IPv6:2607:f8b0:400d:c09::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7C9ED1A01E2 for <tls@ietf.org>; Thu, 3 Sep 2015 17:58:47 -0700 (PDT)
Received: by qkcj187 with SMTP id j187so2941884qkc.2 for <tls@ietf.org>; Thu, 03 Sep 2015 17:58:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=c2CiLwrPFZ3f4cY92vr0PJFGfoSOe3p+gvIelTI2U/Q=; b=NxEu+k+yYdcfl9wnjxe15dxdnLlWJ9XEc1/cGZbkJuSiE/j9d3kFtq/OtpVPIDbG7p j+csZUGFL06NccByhEO+lAmbUomVqgMPpQoEG2A/oKCvaat8idDPIys/u6/TpQC0kvHy Ojkf5NT/jtE/UOpw9TnWtpzHLK3C1m1SMNJAU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:content-type:mime-version:subject:from :in-reply-to:date:cc:content-transfer-encoding:message-id:references :to; bh=c2CiLwrPFZ3f4cY92vr0PJFGfoSOe3p+gvIelTI2U/Q=; b=O6w/QlJ40x8bB8xlVfZ6/UEiuqVYlQnsHn+xpU+79GosSZxQMUuas1XjLbZ4PFNoSA Ek334A5sm5O954WWWhSxukkKwZ/Er6JMQAW+ixAJKewnBPBqZGzTMW7AtRnc3cyajnyw 0e5v2uwRhbjuau+xPPwfstpO5KH3t8DqxJpmGTBNDJ9qls4W4VLdnP8ADx3giJgO9D8n yB36ggedLl9es/q3Ld8BtEY7UNDgPyxrsYpQHRUHAmgUNYnGm4qJq3j/zzdnvxfiUohg 00nR3If8/iDcrt17efhnWIXqOQ6OiINc/LOAn2ih9BvNorDe+1GatViRrmv2RopVkKKI EoMA==
X-Gm-Message-State: ALoCoQkqSce8vypsDnMK1TtXLdFt464ekihaOrYzDl2FkHiPm39JZrJF7/FtkOwi3LfMeWrj/6jf
X-Received: by 10.55.19.201 with SMTP id 70mr1204595qkt.103.1441328326618; Thu, 03 Sep 2015 17:58:46 -0700 (PDT)
Received: from [172.16.0.112] ([96.231.216.201]) by smtp.gmail.com with ESMTPSA id z128sm391020qhd.43.2015.09.03.17.58.45 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 03 Sep 2015 17:58:45 -0700 (PDT)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Sean Turner <sean@sn3rd.com>
In-Reply-To: <55E8137D.60401@trigofacile.com>
Date: Thu, 03 Sep 2015 20:58:42 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <1F9D5C29-1A5D-4535-A9F7-45CC8F09D311@sn3rd.com>
References: <55E70A3F.9030902@trigofacile.com> <28250416ec74427d829d9e8598289eb1@usma1ex-dag1mb4.msg.corp.akamai.com> <55E713B2.5070407@trigofacile.com> <DAC3C031-3C52-4FDF-AEAE-3C1EB0623FEB@sn3rd.com> <55E8137D.60401@trigofacile.com>
To: Julien ÉLIE <julien@trigofacile.com>
X-Mailer: Apple Mail (2.1878.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/WDmopJdiM-V9nrqKT88HlBT2HXg>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] RC4 cipher with NNTP (RFC 4642)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Sep 2015 00:58:50 -0000

On Sep 03, 2015, at 05:31, Julien ÉLIE <julien@trigofacile.com> wrote:

> Hi Sean,
> 
>> I guess I’m not following why we need a new NNTP draft either.
> 
> RFC 4642 (TLS with NNTP) states:
> 
>   In general, the security considerations of the TLS protocol [TLS] and
>   any implemented extensions [TLS-EXT] are applicable here; only the
>   most important are highlighted specifically below.
>   [...]
>   NNTP client and server implementations MUST implement the
>   TLS_RSA_WITH_RC4_128_MD5 cipher suite [...] This is
>   important, as it assures that any two compliant implementations can
>   be configured to interoperate.
> 
> 
> Along with latest RFCs about TLS, it becomes inconsistent.  No NNTP implementation can now be RFC-compliant to both NNTP specifications and TLS specifications as there are two incompatible MUST.
> 
> That's why I thought we need a new NNTP draft about the use of TLS.  (An erratum to RFC 4642 is normally not enough because it is a real change to the protocol.)
> 
> 
> Isn't it a valid reason?
> RFC 7465 that prohibits RC4 updates the 3 RFCs related to TLS 1.0, 1.1 and 1.2.  It does not update RFC 4642 for NNTP.
> 
> 
> 
>> If
>> you’re looking or something that specifically updates the NNTP MTI
>> cipher suites, then there isn’t such an RFC.  But, RFC 7525 (aka BCP
>> 195) points to RFC 7465 that prohibits RC4 (for all versions of
>> TLS), so if an NNTP implementer is faithfully implementing TLS and
>> related RFCs then they’ll end up supporting TLS 1.2 with one of the
>> cipher suites in s4.2 of RFC 7525.
> 
> Yes, I understand.  A compliant NNTP implementation will support one of the mandatory cipher suites specified in TLS.  So interoperability will be guaranteed.
> 
> My concern is for the also mandatory RC4 cipher suite for a compliant NNTP implementation using TLS (per RFC 4642).  I do not see how to conciliate the wording of RFC 4642 with latest RFCs related to TLS.
> 
> Maybe I am misunderstanding something in how RFCs work.  Have latest RFCs related to TLS automatically taken precedence on the wording of RFC 4642 without any update relationship between them?
> 
> 
> 
>> If you really, really want to have something that updates RFC 4642
>> (likely referring to BCP 195), then there’s nothing stopping you from
>> writing that draft.  If you get no nibbles on said draft from the
>> ietf-nntp list I’d try UTA
>> (http://datatracker.ietf.org/wg/uta/charter/).  Note that said draft
>> is out-of-scope for the TLS WG.
> 
> OK, thanks for your advice.
> I understand that an NNTP draft is out-of-scope of the TLS WG.  I asked in that WG because I thought an update relationship between RFC 4642 and the latest documents produced by the TLS WG would have been enough and more straight-forward to solve the wording incompatibility that RFC 7465 introduced earlier this year.
> I pretty well understand that the unfortunate reference to cipher suites in RFC 4642 was not known by the TLS WG; so nobody knew that it was time to do special care for it.  Neither do I myself followed the drafts and the last call of the prohibition of RC4.
> 
> That's why I wrote here to in fact ask what could now be done.  I thought it could be up to a Section of RFCs produced by the TLS WG that could update RFC 4642.  It finally appears that another way should be found:  either the NNTP or the UTA WG.
> 
> 
> Do not hesitate to correct me if I am wrong in certain points.
> And thanks again to all who answered,

The easiest way to think about this is that the UTA WG was started to avoid having to write 10-50 drafts updating each RFC that specified an application’s use of TLS. They wrote one draft that ended up being a BCP that basically says that any implementer that is faithfully implementing TLS implement the algorithms specified in that BCP.  What might have tied this all up is an updates header in the BCP that listed every single RFC that is updated.  But, that header would be really long and kind of not necessary because I think that’s what a BCP is all about.

Also, I wouldn’t get too wrapped around the updates header because the meaning has changed over time.  At some points it has been used to point implementers at other related RFCs, but what I think the IESG has settled onto now (Stephen correct me if I’m wrong) is that the update header indicates that implementations of the updated RFC are expected to implement the update (note that expected is too strong of a word because implementing RFCs is purely voluntary - there’s no protocol police).

spt

v2.23.0 | Report a Bug | By Email