IETF Logo Mail Archive

Re: [TLS] Industry Concerns about TLS 1.3

Florian Weimer <fw@deneb.enyo.de> Wed, 05 October 2016 18:17 UTC

Return-Path: <fw@deneb.enyo.de>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6E1D01293F8 for <tls@ietfa.amsl.com>; Wed, 5 Oct 2016 11:17:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.896
X-Spam-Level:
X-Spam-Status: No, score=-4.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-2.996] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CjOhFVruIXTD for <tls@ietfa.amsl.com>; Wed, 5 Oct 2016 11:17:29 -0700 (PDT)
Received: from albireo.enyo.de (albireo.enyo.de [5.158.152.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 78C041293E4 for <tls@ietf.org>; Wed, 5 Oct 2016 11:17:29 -0700 (PDT)
Received: from [172.17.203.2] (helo=deneb.enyo.de) by albireo.enyo.de with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) id 1brqkx-0003k9-JW; Wed, 05 Oct 2016 20:17:27 +0200
Received: from fw by deneb.enyo.de with local (Exim 4.84_2) (envelope-from <fw@deneb.enyo.de>) id 1brqkx-0004tQ-G6; Wed, 05 Oct 2016 20:17:27 +0200
From: Florian Weimer <fw@deneb.enyo.de>
To: BITS Security <BITSSecurity@fsroundtable.org>
References: <DM5PR11MB1419B782D2BEF0E0A35E420DF4C90@DM5PR11MB1419.namprd11.prod.outlook.com>
Date: Wed, 05 Oct 2016 20:17:27 +0200
In-Reply-To: <DM5PR11MB1419B782D2BEF0E0A35E420DF4C90@DM5PR11MB1419.namprd11.prod.outlook.com> (BITS Security's message of "Thu, 22 Sep 2016 17:19:48 +0000")
Message-ID: <87fuoa64p4.fsf@mid.deneb.enyo.de>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/dJjPlrdBFLS0DgC9didfxnHMwt4>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Industry Concerns about TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Oct 2016 18:17:30 -0000

* BITS Security:

> Deprecation of the RSA key exchange in TLS 1.3 will cause significant
> problems for financial institutions, almost all of whom are running
> TLS internally and have significant, security-critical investments in
> out-of-band TLS decryption.
>  
> Like many enterprises, financial institutions depend upon the ability
> to decrypt TLS traffic to implement data loss protection, intrusion
> detection and prevention, malware detection, packet capture and
> analysis, and DDoS mitigation.

We should have already seen this with changing defaults in crypto
libraries as part of security updates.  That should have broken
passive monitoring infrastructure, too.

Maybe some of the vendors can shed some light on this problem and tell
us if they ever have received pushback for rolling out
ECDHE-by-default.  (I know that some products have few capabilities
for centralized policy management, which is why defaults matter a lot
there.)

v2.19.0 | Report a Bug | By Email