Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1.1"
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Tue, 14 May 2019 17:33 UTC
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F2FE8120137 for <tls@ietfa.amsl.com>; Tue, 14 May 2019 10:33:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id knTpRiimPAPd for <tls@ietfa.amsl.com>; Tue, 14 May 2019 10:33:23 -0700 (PDT)
Received: from mail-ot1-x330.google.com (mail-ot1-x330.google.com [IPv6:2607:f8b0:4864:20::330]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9BFDF1200B1 for <tls@ietf.org>; Tue, 14 May 2019 10:33:23 -0700 (PDT)
Received: by mail-ot1-x330.google.com with SMTP id l17so16057049otq.1 for <tls@ietf.org>; Tue, 14 May 2019 10:33:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=gBVkkHFAhgK84i5xt0m6mgrAdSCuhZfn/Stg9UA3Bxc=; b=UZjFFcw0uuO2ghwXaCQtDrZpk7ZZOgTn3YZBfnPeYiE++Zj0eV8BBoXPVxgx74Z/4V mbagMeTeLJgZaTMoLRTlTy7BnkghosqJWF0CAAvYLQGQ4JbcdJ6qB/H9AKDdAAkSLZvh kaJ46Iv1vD6Qspp9dHWp+ujejV3894u6TODb7N83bpB7ii1MC1rgQA9jso4iGNztnZNS TdnNGLxW64f3CCC8iCLa7j2h9OgAgABHflrsqZ+4gb8LTSYzPcJoWin56bia7RNeg130 9zUV0PoKOyKv+8BfWjheVoIikws1tFSZdUjXSIaV4sroxYHvC7j3ZwYzB71k7sgYHoiB 1EhQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=gBVkkHFAhgK84i5xt0m6mgrAdSCuhZfn/Stg9UA3Bxc=; b=cTK4G2hvK5nDm8ZgSODMolOXD+pg6Sl9ICuLhe0GNFoSEF9fgilZpZRvOI5vVBVo7s VtE9FQ+/x96qxR0sQxnXs+ZjeiIRmsTSUgmBIxVzoi+tj3WY0lZ+twY+3uIXNzPsLCFY Q0tl8ysfwjJzWvU8R33tezrUf+jTQEIEjo3GdYW7tvJW438i1ckiBpcjoGXyi2gaC5cX 8K/HePj8rilnkJmZujc7AHab8qQ7wGoNVD9hlqQs69fdPMOkaA+xRSZbIG8eiD1ic6a9 XsgXoNbRy4RYv7dOMRmuCdrFj8wUXkN0fyUbs4kWRVSZ0gAth1tMoTUaPEzzo8Fju1Xu TXXA==
X-Gm-Message-State: APjAAAWvQvYKIsuzszTHJVVYeXuaqV3r2E2fj5GxtdPSDFydhlJy6D4S XI5KwrBao6MSdSJg3YLrUqpwe5i4wVO16wk2Us3F+P3a
X-Google-Smtp-Source: APXvYqyaGWtH+UGaRWmJCfIh+w3khpTBhYzGkdIWDqT6Y3YVV9bFe4LlfK6tB/XGniZ3UIQF26WdB9BO/F6MI+n/z6M=
X-Received: by 2002:a05:6830:1383:: with SMTP id d3mr2485688otq.319.1557855202970; Tue, 14 May 2019 10:33:22 -0700 (PDT)
MIME-Version: 1.0
References: <28511b10-8f6a-4394-95a9-5188130f7b58@www.fastmail.com> <14984380.sTCEapK0kV@pintsize.usersys.redhat.com> <20190509222449.9C553404C@ld9781.wdf.sap.corp> <29960808.K0e8lGuAtk@pintsize.usersys.redhat.com> <20190514145249.C6DDB404C@ld9781.wdf.sap.corp> <CAF8qwaAZi1MJDWHyOzokPD2MSQGZnuk7J5SAEQbt+Yi9TC6wvw@mail.gmail.com>
In-Reply-To: <CAF8qwaAZi1MJDWHyOzokPD2MSQGZnuk7J5SAEQbt+Yi9TC6wvw@mail.gmail.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Tue, 14 May 2019 13:32:46 -0400
Message-ID: <CAHbuEH5coOR_Yh4P79FvpZYedfiu5gzvUn0ahBZK15sOaba1Hg@mail.gmail.com>
To: David Benjamin <davidben@chromium.org>
Cc: mrex@sap.com, "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000fc10180588dc6d0e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/YkNpJt4OVFwgE1-qTsrlt8DBGGg>
Subject: Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1.1"
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2019 17:33:28 -0000
On Tue, May 14, 2019 at 12:33 PM David Benjamin <davidben@chromium.org> wrote: > > which exact piece of popular software actually still does that? >> > It ain't curl, it ain't Chrome, it ain't Firefox. >> >> It definitely was implemented in Chrome and Firefox, which is how this >> poor document got onto standards track: >> >> https://tools.ietf.org/html/rfc7507 >> >> TLS Fallback Signaling Cipher Suite Value (SCSV) >> for Preventing Protocol Downgrade Attacks >> >> > >> > It also isn't something done automatically >> > by any TLS implementation that's even remotely popular: >> > OpenSSL, NSS, GnuTLS, schannel, Secure Transport, go... >> >> It is impossible to do this transparently, because the a connection >> is ususable after a fatal TLS hanshake failure (or unexpected socket >> closure). >> >> Any application-level cleartext negotiation will have to be repeated >> as well, and the TLS implementation typically does not know about it. >> (such as HTTP CONNECT or STARTTLS) >> >> The POODLE paper >> https://www.openssl.org/~bodo/ssl-poodle.pdf >> >> asserts that many clients doing downgrade dances exist, and at the >> time of publication, this includes Mozilla Firefox, Google Chrome and >> Microsoft Internet Explorer. >> > > Chrome has not done a downgrade dance for over three years now (Chrome 50, > released in April 2016), even for TLS 1.3. Indeed much of the fuss around > TLS 1.3 was so clients could avoid repeating this mess. > Martin, There's also value in people having fewer choices as security problems are often the result of misconfigurations. A lower number of protocols to support, chose from, and configure correctly is helpful to the larger number of implementers. Additionally, there is at least one library that planned to remove support for 1.0 and 1.1. This means that is product teams need to continue support, they have to run an older version of the library, plus newer ones for 1.3. This gets messy and increases the chance of error. The chance of misconfiguration is not insignificant (by product teams or implementers of those products). Best regards, Kathleen > > David > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > -- Best regards, Kathleen
- [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1.1" Christopher Wood
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Watson Ladd
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Martin Thomson
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… John Mattsson
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Maarten Aertsen (NCSC-NL)
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Stephen Farrell
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Gary Gapinski
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Kathleen Moriarty
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Daniel Migault
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Viktor Dukhovni
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Loganaden Velvindron
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Hubert Kario
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Töma Gavrichenkov
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Salz, Rich
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Viktor Dukhovni
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Roland Zink
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Martin Thomson
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Christopher Wood
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Viktor Dukhovni
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Martin Rex
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Töma Gavrichenkov
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Kathleen Moriarty
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Kathleen Moriarty
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Kathleen Moriarty
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Kathleen Moriarty
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Kathleen Moriarty
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Kathleen Moriarty
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Martin Thomson
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Hubert Kario
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Kathleen Moriarty
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Martin Rex
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Hubert Kario
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Peter Gutmann
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Benjamin Kaduk
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Peter Gutmann
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Viktor Dukhovni
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Eric Rescorla
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Kathleen Moriarty
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Kathleen Moriarty
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Peter Gutmann
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Kathleen Moriarty
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Martin Thomson
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Hubert Kario
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Hubert Kario
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Töma Gavrichenkov
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Benjamin Kaduk
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Kathleen Moriarty
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Kathleen Moriarty
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Viktor Dukhovni
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Viktor Dukhovni
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… David Benjamin
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Martin Rex
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Peter Gutmann
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Hubert Kario
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Martin Rex
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Peter Gutmann
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Martin Thomson
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Hubert Kario
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Martin Rex
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Peter Gutmann
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Hubert Kario
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Martin Rex
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… David Benjamin
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Kathleen Moriarty
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Hubert Kario
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Martin Rex
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Peter Gutmann
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Christopher Wood
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Martin Rex
- Re: [TLS] WGLC for "Deprecating TLSv1.0 and TLSv1… Peter Gutmann