Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-rc4-01.txt
"Carl S. Gutekunst" <csg@alameth.org> Sat, 04 October 2014 18:27 UTC
Return-Path: <csg@alameth.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF4321A0126 for <tls@ietfa.amsl.com>; Sat, 4 Oct 2014 11:27:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.788
X-Spam-Level:
X-Spam-Status: No, score=-2.788 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.786, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EHgYaU5DgpLh for <tls@ietfa.amsl.com>; Sat, 4 Oct 2014 11:26:59 -0700 (PDT)
Received: from articuno.alameth.org (articuno.alameth.org [IPv6:2600:3c01::f03c:91ff:fe70:755c]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 938991A0115 for <tls@ietf.org>; Sat, 4 Oct 2014 11:26:59 -0700 (PDT)
Received: from [192.168.147.8] (76-191-206-73.dsl.dynamic.sonic.net [76.191.206.73]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by articuno.alameth.org (Postfix) with ESMTPS id 450FE852A; Sat, 4 Oct 2014 18:32:34 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=alameth.org; s=n01; t=1412447554; bh=IqS25kz1DtpRpoPcNBPwNJR0lpDuEjxGAkmGU3OoW6k=; h=Date:From:To:Subject:References:In-Reply-To; b=f2ebAzhCxOyFbe9j5v0G3BoR8OfMyAGpX78JBNkDtLXNCgMl7mSugpPYeatH7sMEx Os/iPieSosBIrGbGe6EVx2aj4Hl2FAK3eYvGeJ6GyhUZjRCyCLfNm6vs0S7YIgUPNW +21HNVt47Ty/TrI43vz8wssvqNOi3A7KgOVz8RWk=
Message-ID: <54303BF2.2090904@alameth.org>
Date: Sat, 04 Oct 2014 11:26:58 -0700
From: "Carl S. Gutekunst" <csg@alameth.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.1.2
MIME-Version: 1.0
To: Hubert Kario <hkario@redhat.com>, tls@ietf.org
References: <20141002005804.2760C1AE9D@ld9781.wdf.sap.corp> <BA2DFF33-7B0C-4E87-9C0E-215933AED88F@akr.io> <2A0EFB9C05D0164E98F19BB0AF3708C71D2F8F7E83@USMBX1.msg.corp.akamai.com> <CADMpkcJEt4e7LJAY+FsFcbyQE2x3SXsaOW3bffV4U2oN9EUKrg@mail.gmail.com> <542D850E.2060900@akr.io> <CADMpkc+Zbu64wek2HayW2tCf+d1ZYLocMp2PzXncyS=fHPDwsg@mail.gmail.com> <542DB1D4.4020601@akr.io> <20141003042418.GS13254@mournblade.imrryr.org> <1878200851.5790803.1412334914571.JavaMail.zimbra@redhat.com>
In-Reply-To: <1878200851.5790803.1412334914571.JavaMail.zimbra@redhat.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/WOzZLEDZB380vYG70zCdUNw7kpM
Subject: Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-rc4-01.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 Oct 2014 18:27:01 -0000
On 10/03/2014 04:15 AM, Hubert Kario wrote: > This is not the case. > > Only about 1% of servers support only RC4 cipher, 1.5% if you're > using Firefox[1]. > > On the other hand, over 21% of servers will negotiate a RC4 cipher > in case you're using Firefox (and nearly 18% if you're using > OpenSSL-like supported cipher list). Note that in the SMTP world, use of RC4 (and a bias towards RC4) is more prevalent than on web servers. This is in large measure because Microsoft Exchange Server 2003 shipped with only RC4 and 3DES, and the 3DES implementation crashed somewhere around the MAIL FROM dialog. I still regularly run into these old, unpatched servers. I tell them to install AES support, but they usually ignore me, abandon my product, and switch to one that "works" -- that is, it uses TLS v1 and RC4. <csg>
- [TLS] I-D Action: draft-ietf-tls-prohibiting-rc4-… internet-drafts
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Martin Rex
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Watson Ladd
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Salz, Rich
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Alyssa Rowan
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Hanno Böck
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Bodo Moeller
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Bodo Moeller
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Alyssa Rowan
- [TLS] adopting ChaCha20 as a WG item was: I-D Act… Nikos Mavrogiannopoulos
- Re: [TLS] adopting ChaCha20 as a WG item was: I-D… Yoav Nir
- Re: [TLS] adopting ChaCha20 as a WG item was: I-D… Nikos Mavrogiannopoulos
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Salz, Rich
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Bodo Moeller
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Alyssa Rowan
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Andrei Popov
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Martin Rex
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Bodo Moeller
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Alyssa Rowan
- Re: [TLS] adopting ChaCha20 as a WG item was: I-D… Yoav Nir
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Geoffrey Keating
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Viktor Dukhovni
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Watson Ladd
- [TLS] why Chacha20-SHA1 was: adopting ChaCha20 as… Nikos Mavrogiannopoulos
- Re: [TLS] why Chacha20-SHA1 was: adopting ChaCha2… Joachim Strömbergson
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Yoav Nir
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Hubert Kario
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Hubert Kario
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Viktor Dukhovni
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Watson Ladd
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Viktor Dukhovni
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Peter Gutmann
- Re: [TLS] why Chacha20-SHA1 was: adopting ChaCha2… Brian Smith
- Re: [TLS] why Chacha20-SHA1 was: adopting ChaCha2… Watson Ladd
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… James Cloos
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Paul Lambert
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Viktor Dukhovni
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Ryan Carboni
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Stephen Farrell
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Carl S. Gutekunst
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Watson Ladd
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… James Cloos
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Andrei Popov
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Martin Rex
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Yoav Nir
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Hubert Kario
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Martin Rex
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Ralph Holz
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Ronald del Rosario
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Daniel Kahn Gillmor
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Chris Newman
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Viktor Dukhovni
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Joseph Salowey
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Salz, Rich
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Andrei Popov
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Watson Ladd
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Andrei Popov
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Salz, Rich
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Alyssa Rowan
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Yoav Nir
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Ryan Carboni
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Viktor Dukhovni
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Ryan Carboni
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Salz, Rich
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Salz, Rich
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Stephen Farrell
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Paterson, Kenny
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Viktor Dukhovni
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Salz, Rich
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Hubert Kario
- [TLS] Fw: I-D Action: draft-ietf-tls-prohibiting-… Blumenthal, Uri - 0558 - MITLL
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Stephen Checkoway
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Salz, Rich
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Stephen Farrell
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Salz, Rich
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Stephen Farrell
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Viktor Dukhovni
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Daniel Kahn Gillmor
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Viktor Dukhovni
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Viktor Dukhovni
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Daniel Kahn Gillmor
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Viktor Dukhovni
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Geoffrey Keating
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Viktor Dukhovni
- Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-… Blumenthal, Uri - 0558 - MITLL