Re: [TLS] Prohibiting SSL 3.0

Bodo Moeller <bmoeller@acm.org> Fri, 31 October 2014 14:24 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/tls/bkTC9zEeTJNfEfqmnRCezeIlObY

Watson Ladd <watsonbladd@gmail.com>:

> You're understating the degree of knowledge at the time,


I don't think so. My intent was to highlight the difference between "known
at the time" and "widely known among experts at the time". As I pointed
out, you didn't have to be a biology major at the time to miss the
("known") problems.

> The question is not why SSL v3 got it wrong. The question is why we
> didn't get it right a few years later


These both are (different) questions. I had commented on your comments on
the former.

Bodo