Re: [TLS] I-D Action: draft-ietf-tls-negotiated-ff-dhe-10.txt
Tony Arcieri <bascule@gmail.com> Wed, 03 June 2015 20:51 UTC
Return-Path: <bascule@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 857D41B2B48 for <tls@ietfa.amsl.com>; Wed, 3 Jun 2015 13:51:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.5
X-Spam-Level:
X-Spam-Status: No, score=0.5 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, J_CHICKENPOX_12=0.6, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G-0iFqz8bPZI for <tls@ietfa.amsl.com>; Wed, 3 Jun 2015 13:51:00 -0700 (PDT)
Received: from mail-ob0-x234.google.com (mail-ob0-x234.google.com [IPv6:2607:f8b0:4003:c01::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1101F1B2B45 for <tls@ietf.org>; Wed, 3 Jun 2015 13:51:00 -0700 (PDT)
Received: by objn8 with SMTP id n8so17944728obj.3 for <tls@ietf.org>; Wed, 03 Jun 2015 13:50:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=VG0FfVU6sA6dOL4DdFKKtNJr5Au3tzODNF7R/O1xzd0=; b=ww4Q4XpjC2LnOqJUDhu2nbtf+I7la6V7br/o0GYe8CK5a9MgAz5u3YH5kKjcB/D7vt yRGkCDA12ozbW09dEJQUPt7vHoEUf1jKN01G0OPWCgeOonrL25oW7XHK+xcAwSf45Sju lmYLC4Fwbpq12HtLgice74UpqfL5SF4mb2l4aj9RmIRVhHNdpr6/gy2Hu7YHwjVPZ93m AJQveKZ6JX0Ps3FvZ8+AfmfxJToAOqJ7Uv/FLnvR7UMz5NEHVjnv+lE4enoxJN7h0GTe 6Xv3IIukZPQLoAXxbItAHZKtOnXR6yCBY+oYWlMOuQj5z+KaXdSPPx5jnJMlIKBs5jf5 GzvA==
MIME-Version: 1.0
X-Received: by 10.60.79.193 with SMTP id l1mr21511373oex.60.1433364659503; Wed, 03 Jun 2015 13:50:59 -0700 (PDT)
Received: by 10.76.110.241 with HTTP; Wed, 3 Jun 2015 13:50:59 -0700 (PDT)
In-Reply-To: <201506031613.13571.davemgarrett@gmail.com>
References: <20150601225057.17500.96911.idtracker@ietfa.amsl.com> <201506031323.37163.davemgarrett@gmail.com> <877frk7keg.fsf@alice.fifthhorseman.net> <201506031613.13571.davemgarrett@gmail.com>
Date: Wed, 03 Jun 2015 13:50:59 -0700
Message-ID: <CAHOTMV+PUtkkC3Hy5BRQ+of+13F+2Jp+kSpqhFcm9Av984hLnA@mail.gmail.com>
From: Tony Arcieri <bascule@gmail.com>
To: Dave Garrett <davemgarrett@gmail.com>
Content-Type: multipart/alternative; boundary="089e011773735d0bcf0517a3379c"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/bUd08zJwi0YOHLmIYSf9JTvxnNM>
Cc: "<tls@ietf.org>" <tls@ietf.org>, Geoffrey Keating <geoffk@geoffk.org>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-negotiated-ff-dhe-10.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Jun 2015 20:51:01 -0000
On Wednesday, June 3, 2015, Dave Garrett <davemgarrett@gmail.com> wrote: > The topic brought up by Tony Arcieri was the apparent plague of old Java > clients using TLS currently. A replacement set of cipher suites would > transparently fix this in a simpler way. It adds more suites, yes, but it > would ensure that this is only ever even _attempted_ to be negotiated > between clients and servers that both support them properly. That's "half the battle", IMO, and I think the other half of my argument was lost in a swarm of "LOL Java, there's your problem" responses. I also called out the "what about a catastrophic ECC failure?" in advance and yet that is somehow the main "pedantic" response I've been receiving to my complaints. I get it. I get it so much I predicted people would say it in my very first post to this thread. Then they confirmed my hypothesis. But if we're switching to ECC for certificates too, what hypothetical attack breaks ECDH but not ECDSA/EdDSA/etc, and is it really worth convoluting TLS with extra baggage in preparation of a hypothetical attack? Should everyone continue to obtain RSA certs i. the event of an ECCpocalypse? I'm pretty firmly convinced people aren't really fully thinking through. The pat-on-the-head "you don't understand we need this if ECC breaks" responses are myopic, insulting, and an indicator that people aren't actually reading/comprehending my arguments here (the same goes for "that's just a Java problem" reaponses) The main thing I'ge observed as an SSL/TLS practicioner is extra bells and whistles that aren't commonly used leading to practial attacks, and people making haphazard changes to defend against these attacks breaking clients in the process. I care a lot more about the attacks and breakages happening in the real world *right now* than extremely speculative future attacks for which we're pre-emptively adding additional baggage/attack surface. That said, I think everyone is convincing me FFDHE *might* be a good idea. Particularly persuasive is Ilari's argument that with some tiny changes, ECDHE and FFDHE can be unified. -- Tony Arcieri
- [TLS] I-D Action: draft-ietf-tls-negotiated-ff-dh… internet-drafts
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Hubert Kario
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Yuhong Bao
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Geoffrey Keating
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Yuhong Bao
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Yuhong Bao
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Dave Garrett
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Peter Gutmann
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Peter Gutmann
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Nikos Mavrogiannopoulos
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Hubert Kario
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Michael D'Errico
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Peter Bowen
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Dave Garrett
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Daniel Kahn Gillmor
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Ilari Liusvaara
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Dave Kern
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Dave Garrett
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Daniel Kahn Gillmor
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Jeffrey Walton
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Dave Garrett
- [TLS] drop ffdhe2048? (was: I-D Action: draft-iet… Dave Garrett
- Re: [TLS] drop ffdhe2048? (was: I-D Action: draft… Eric Rescorla
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Dave Kern
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Nikos Mavrogiannopoulos
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Ilari Liusvaara
- Re: [TLS] I-D Action: draft-ietf-tls-negotiated-f… Tony Arcieri