Re: [TLS] Deprecating Static DH certificates in the obsolete key exchange document

"Salz, Rich" <rsalz@akamai.com> Mon, 15 April 2024 18:40 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: Joseph Salowey <joe@salowey.net>, "<tls@ietf.org>" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/eJxwwQRdyylckJx7M3sHIv-rmuA>

At IETF 119 we had discussion that static DH certificates lead to static key exchange which is undesirable.  Although the current draft deprecates static DH ciphersuites, it seems that RFC 5246 allows the client to provide a certificate with a static DH keypair to provide static parameters in (EC)DHE in TLS 1.2 (I don't know of any implementations that do this).


Yes.
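
An added example, not part of the original thread: in TLS 1.2 a server invites fixed-(EC)DH client certificates through the `certificate_types` list of its CertificateRequest (RFC 5246 section 7.4.4, with the ECC code points from RFC 4492), so a defender can audit captured handshakes for those types. The function name and the sample bytes are constructed for illustration.

```python
# ClientCertificateType code points that carry a static (EC)DH key
# (RFC 5246 section 7.4.4 and RFC 4492 section 5.5).
FIXED_DH_TYPES = {3: "rsa_fixed_dh", 4: "dss_fixed_dh",
                  65: "rsa_fixed_ecdh", 66: "ecdsa_fixed_ecdh"}

def _vector(buf, offset, len_bytes):
    """Read one length-prefixed TLS vector; return (payload, next_offset)."""
    end = offset + len_bytes
    if end > len(buf):
        raise ValueError("truncated length prefix")
    size = int.from_bytes(buf[offset:end], "big")
    if end + size > len(buf):
        raise ValueError("vector runs past end of message")
    return buf[end:end + size], end + size

def fixed_dh_types_offered(handshake_msg: bytes):
    """Names of fixed-(EC)DH types in a TLS 1.2 CertificateRequest message.

    handshake_msg is one handshake message: 1-byte type, 3-byte length, body.
    (Hypothetical helper name; not from any TLS library.)
    """
    if len(handshake_msg) < 4 or handshake_msg[0] != 13:  # 13 = certificate_request
        raise ValueError("not a CertificateRequest handshake message")
    body = handshake_msg[4:]
    if int.from_bytes(handshake_msg[1:4], "big") != len(body):
        raise ValueError("handshake length does not match body")
    cert_types, off = _vector(body, 0, 1)   # certificate_types<1..2^8-1>
    sig_algs, off = _vector(body, off, 2)   # supported_signature_algorithms
    _cas, off = _vector(body, off, 2)       # certificate_authorities
    if not cert_types or len(sig_algs) % 2 or off != len(body):
        raise ValueError("malformed CertificateRequest")
    return [FIXED_DH_TYPES[t] for t in cert_types if t in FIXED_DH_TYPES]

# Constructed sample: types rsa_sign(1), ecdsa_sign(64), rsa_fixed_dh(3),
# ecdsa_fixed_ecdh(66); two signature algorithms; empty CA list.
SAMPLE = bytes.fromhex("0d00000d" "0401400342" "000404010403" "0000")
# Constructed sample offering only signing certificate types.
SIGN_ONLY = bytes.fromhex("0d000009" "020140" "00020401" "0000")

if __name__ == "__main__":
    for name, msg in (("SAMPLE", SAMPLE), ("SIGN_ONLY", SIGN_ONLY)):
        offered = fixed_dh_types_offered(msg)
        print(name, "offers fixed-DH client cert types:", offered or "none")
```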