Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-rc4-01.txt

Alyssa Rowan <akr@akr.io> Thu, 02 October 2014 08:01 UTC

From: Alyssa Rowan <akr@akr.io>
Date: Thu, 02 Oct 2014 09:01:29 +0100
To: tls@ietf.org
Message-ID: <BA2DFF33-7B0C-4E87-9C0E-215933AED88F@akr.io>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/Za8v4MqRrOZP4OObq1uRNIolADY
Subject: Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-rc4-01.txt

On 2 October 2014 01:58:04 BST, mrex@sap.com wrote:
>PS: I still object to the MUST fail requirement to the server.

Objection from you and Rich noted, but I really do not agree. This draft absolutely must not be watered down. We should treat weak crypters as broadly equivalent to NULL. That is what this does.

I think fallback to RC4 is an insecure practice that we must not continue to condone. We have several strong ciphers, some with better performance, and we've known that RC4 was a tad wobbly for years: quite frankly the time for compatibility fallbacks and gentle transitions was 5 years ago or something and is now quite firmly past. At this point, RC4 is a shambling undead zombie of an old 1980s 8086 crypter. Kill it with fire; stake it in the heart; bury it at a crossroads and dance on its gravestone.

And I think that we have reached WG consensus on that point broadly, despite your objections: as there is widespread recognition I think that if we do continue to sanction RC4's use for any reason, that will be the reason we'll never get rid of the damned thing (because people like you and Rich will keep accepting it when presented, to keep your clients with XP and prehistoric Android happy, but that unfortunately also makes Eve happy).

Anyone is entirely free to ignore confidentiality if they don't judge it's important in their scenario - but that doesn't mean it's a good idea for the internet at large, or that they weren't warned about the risk and chose to use it anyway.

>The list of cipher suites in that document should better include the cipher suite code points!

I do agree with this point; it would make it a little clearer and more unambiguous.

Subject to perhaps adding the ciphersuite codepoints, +1 for this draft.

--
/akr