Re: [TLS] drop obsolete SSL 2 backwards compatibility from TLS 1.3 draft
Watson Ladd <watsonbladd@gmail.com> Sun, 28 December 2014 18:55 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8CC601A8960 for <tls@ietfa.amsl.com>; Sun, 28 Dec 2014 10:55:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YnI-F5hf1Kcw for <tls@ietfa.amsl.com>; Sun, 28 Dec 2014 10:55:04 -0800 (PST)
Received: from mail-yk0-x22c.google.com (mail-yk0-x22c.google.com [IPv6:2607:f8b0:4002:c07::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 95C951A89F2 for <tls@ietf.org>; Sun, 28 Dec 2014 10:55:04 -0800 (PST)
Received: by mail-yk0-f172.google.com with SMTP id 131so6010937ykp.31 for <tls@ietf.org>; Sun, 28 Dec 2014 10:55:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=G3laXNRtQ0Sus/WhJzVz1rc/MBOQ8XWN3SRjM6QS61g=; b=MNxeEhzx/PqnJbiCEDm+7dJqDbBgF/cmcVnbPBuuv0zgu5bUyV71b4wpc+C8+WqLZz n5YGbXi6oiqiNx/6R6lec2o0uL1AfLKUN1caWd4xRIzu61UtU7MLQs3K2YmupN/8c78j +eMMXKTKOUkVVJDgvTiqGvbH6U3tjwV6wZ6kU2Rqsbo4TY1IC26efIJpXoNwTfaYU3y8 xW6UU/WfOQUqq+b/QHLqKcmeaWcAI2k9Mu3ZGpui2F3hp71YgtjsuvepL4lqJbkxlUlS Q1soye0682c3tvY8OEkGa0yDWhRrIRv94+n2RAW52f2SSN7JrksXB3IMTiVAc3Mtz0fu L9ZA==
MIME-Version: 1.0
X-Received: by 10.236.30.168 with SMTP id k28mr20297888yha.163.1419792903806; Sun, 28 Dec 2014 10:55:03 -0800 (PST)
Received: by 10.170.207.6 with HTTP; Sun, 28 Dec 2014 10:55:03 -0800 (PST)
In-Reply-To: <20141228164421.GA5437@roeckx.be>
References: <201412221945.35644.davemgarrett@gmail.com> <F07340BA-F182-470C-AF90-C85A973075B9@gmail.com> <549F2D90.5030305@hauke-m.de> <201412271739.24476.davemgarrett@gmail.com> <38DB9255-0F1B-40BC-A36B-D0241BE65E40@gmail.com> <54A0171D.9070504@hauke-m.de> <20141228164421.GA5437@roeckx.be>
Date: Sun, 28 Dec 2014 13:55:03 -0500
Message-ID: <CACsn0cnV7ffbwVffvKmFMJ17JpZ2egN_opLyNjSVMbVE1bAwsw@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: Kurt Roeckx <kurt@roeckx.be>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/dcMECk9hdA1FqmBqVrhXif_8PMY
Cc: "TLS@ietf.org (tls@ietf.org)" <tls@ietf.org>, Dave Garrett <davemgarrett@gmail.com>
Subject: Re: [TLS] drop obsolete SSL 2 backwards compatibility from TLS 1.3 draft
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Dec 2014 18:55:06 -0000
On Sun, Dec 28, 2014 at 11:44 AM, Kurt Roeckx <kurt@roeckx.be> wrote: > On Sun, Dec 28, 2014 at 03:43:41PM +0100, Hauke Mehrtens wrote: >> Hi, >> >> as even OpenSSL 0.9.8 sends such ClientHellos in the default settings, I >> think TLS 1.3 should support the following: >> >> 1. TLS 1.3 Clients must only negotiate TLS 1.0 or up. I think with the >> Poodle attack most servers and clients already deactivated SSL v3 >> support. This is draft-ietf-tls-sslv3-diediedie-00. >> 2. A TLS 1.3 Client most not send a SSL v2 or SSL v3 ClientHello. This >> is draft-ietf-tls-sslv3-diediedie-00. >> 2. A TLS 1.3 server may or should accept a SSL V2 and V3 compatible >> ClientHello, but not negotiate these protocol versions. > > Maybe some people would like to see that TLS 1.3 should never be > set up using an SSLv2 compatible client hello. I am really confused as to what the proposed v2 compatible, TLS 1.3 hello would look like. TLS 1.3 demands extension support, and the SSLv2 and v3 protocols do not support extensions. We've already seen bugs and workarounds (padding extensions) resulting from continued support of SSLv2. There is a working version negotiation mechanism in TLS 1.0 and above which doesn't have these issues. We should use it: a tiny handful of old clients don't matter. Sincerely, Watson Ladd > > > Kurt > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls -- "Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither Liberty nor Safety." -- Benjamin Franklin
- [TLS] drop obsolete SSL 2 backwards compatibility… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Brian Smith
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yoav Nir
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yuhong Bao
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yoav Nir
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- [TLS] explicitly specify ClientHello record versi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Kurt Roeckx
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Jeffrey Walton
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Kurt Roeckx
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Hauke Mehrtens
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yoav Nir
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Fabrice
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Brian Smith
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Brian Smith
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Brian Smith
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Kurt Roeckx
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Hauke Mehrtens
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Kurt Roeckx
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Salz, Rich
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Watson Ladd
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Martin Rex
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Martin Thomson
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Martin Rex
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Peter Gutmann
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Brian Smith
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Martin Rex
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Salz, Rich
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yuhong Bao
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Florian Weimer
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Florian Weimer
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Daniel Kahn Gillmor
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yuhong Bao
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Andrei Popov
- [TLS] Downgrade Dance steps (Re: drop obsolete SS… Martin Rex
- Re: [TLS] Downgrade Dance steps (Re: drop obsolet… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yuhong Bao
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Martin Rex
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yuhong Bao