Re: [TLS] draft-sheffer-tls-bcp: DH recommendations

Yaron Sheffer <yaronf.ietf@gmail.com> Thu, 19 September 2013 10:33 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D221421F93BF for <tls@ietfa.amsl.com>; Thu, 19 Sep 2013 03:33:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.899
X-Spam-Level:
X-Spam-Status: No, score=-102.899 tagged_above=-999 required=5 tests=[AWL=0.400, BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CvWXrlxJHCm8 for <tls@ietfa.amsl.com>; Thu, 19 Sep 2013 03:33:47 -0700 (PDT)
Received: from mail-bk0-f41.google.com (mail-bk0-f41.google.com [209.85.214.41]) by ietfa.amsl.com (Postfix) with ESMTP id 0DECD21F93E4 for <tls@ietf.org>; Thu, 19 Sep 2013 03:33:45 -0700 (PDT)
Received: by mail-bk0-f41.google.com with SMTP id na10so3436950bkb.28 for <tls@ietf.org>; Thu, 19 Sep 2013 03:33:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=kPhpsIsJqOBlyJinJbgloVYEKCUhLJNgzELzba+vffg=; b=SI5Eljm1BDxXq5WLR2hgAWwzbuufBYC2GpmHwBzJvGOaGR0v//KqfDM/r1/c49V0B+ 1xesGvnKgrolZTgLBZnHFX6amJBWvNhyMkwZ4okp7NEJJObE+evWtWx8rVCEYs7+TDg7 VrpLKLu441gSuFXeDyluIfWykO+mI8Odfmq0Jnt2josnSLZ1fNRmDJ/BXgNZQhi+ZbNo rZCnkjbjLRTfF8/CCgLGo8Y8VQgjHckgjWvrceAwAnnThCCW5ka3KyP2xqS5VfBkT1KL i7mUEM0UzCBL/QWBPA95577v44Wml63wpEFAjdalYHBILw3Bds2jAkkUdZQTHyA912UJ CwdQ==
X-Received: by 10.204.226.71 with SMTP id iv7mr539784bkb.32.1379586810115; Thu, 19 Sep 2013 03:33:30 -0700 (PDT)
Received: from [10.0.0.8] (bzq-109-64-175-213.red.bezeqint.net. [109.64.175.213]) by mx.google.com with ESMTPSA id b7sm2625158bkg.1.1969.12.31.16.00.00 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 19 Sep 2013 03:33:29 -0700 (PDT)
Message-ID: <523AD2F5.90206@gmail.com>
Date: Thu, 19 Sep 2013 13:33:25 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130803 Thunderbird/17.0.8
MIME-Version: 1.0
To: Michael Ströder <michael@stroeder.com>
References: <9A043F3CF02CD34C8E74AC1594475C7355674007@uxcn10-6.UoA.auckland.ac.nz> <d53839fdcefca617b03d3389d166822d@srv1.stroeder.com>
In-Reply-To: <d53839fdcefca617b03d3389d166822d@srv1.stroeder.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] draft-sheffer-tls-bcp: DH recommendations
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Sep 2013 10:33:52 -0000

I'm afraid you're ignoring facts here. Both Chrome and Firefox on my 
machine connect to Google using ECDHE by default. Together they make up 
36% of the browser market share [1]. And for both of them, as opposed to 
IE, people tend to use the latest browser versions. To put it bluntly, 
people who are still using IE8 are not the target audience for this draft.

So client-side support, at least, is not an issue.

Thanks,
	Yaron

[1] 
http://thenextweb.com/insider/2013/08/01/ie9-falls-below-10-market-share-firefox-hits-50-month-low-and-chrome-again-gains-the-most/

On 09/19/2013 01:17 PM, Michael Ströder wrote:
> On Thu, 19 Sep 2013 08:50:05 +0000 Peter Gutmann <pgut001@cs.auckland.ac.nz>
> wrote
>> Yaron Sheffer <yaronf.ietf@gmail.com> writes:
>>
>>> There are multiple issues with MODP DH in TLS (performance is just one of
>>> them). So I'd like to recommend EC DHE instead - which makes this discussion
>>> moot.
>>
>> There are even more issues with ECC, namely their brittleness, paranoia
>> (whether justified or not) about NSA meddling, and patent issues.  DH is
>> simple in comparison.
>
> I tend to concur with Peter here.
>
> Especially if only the limited param length of MODP DH in current
> implementations rules out its recommendation in the draft.
>
> Ciao, Michael.
>
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>