Re: [TLS] I-D Action: draft-ietf-tls-oldversions-deprecate-01.txt

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sat, 09 March 2019 15:05 UTC

To: John Mattsson <john.mattsson@ericsson.com>, "tls@ietf.org" <tls@ietf.org>
References: <154165491176.26419.11906807559515385277@ietfa.amsl.com> <62386296-c674-44ef-65b0-e3ced823eb92@cs.tcd.ie> <09181304-3B39-464D-B98A-E7C109701507@ericsson.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Message-ID: <3ff85a18-d32c-c22c-2def-43d7f55fec79@cs.tcd.ie>
Date: Sat, 09 Mar 2019 15:05:43 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/fuGamISBmt4Obsq79qINDNcXeP4>

Hi John,

On 08/03/2019 22:44, John Mattsson wrote:
> Hi,
> 
> Thanks for driving this. Great work. I would like to see deprecation
> done more often in IETF and elsewhere.
> 
> 3GPP has deprecated TLS 1.0 and DTLS 1.0 some years ago (but could at
> that time not deprecate TLS 1.1 due to interop with older releases).
> I would estimate that 3GPP will deprecate TLS 1.1 this year, at least
> that is what I am going to suggest. I think that 3GPP will deprecate
> non-AEAD and non-PFS cipher suites at the same time as TLS 1.1.

Good to know. Might be no harm to put in some reference to that if you
have one?

> Moving deprecation of SHA-1 to a different document makes sense to
> me. I would want such a document to deprecate as much as section 9.2
> of RFC 7540 with the exception of TLS_PSK_WITH_AES_128_CCM_8 for IoT.
> I.e., I think such a document should forbid non-AEAD and < 2048 DHE as
> well as changing the MTI cipher suite in TLS 1.2.

I'd support progressing such a draft if someone wrote one. Or maybe
that'd be good text to include in a revision of BCP195 when we've a
bit more experience with TLSv1.3.

For now, I think leaving in section 3 is ok though - killing sha-1
multiple times still leaves it as dead as killing it once:-)

> - I think the document should mention DTLS 1.0 much earlier, probably
> even in the title.

Fair point. Didn't add to title but added stuff in the abstract.

But that does raise an issue for the WG. I never checked what
else refers to 4347 that needs to be updated. (Sigh, I should
have done that before I guess;-)

So I re-ran my script to find non-obsoleted RFCs with normative
references to 4347 and that turns up these new ones:

- RFC 8261, which says:

   The DTLS implementation MUST support DTLS 1.0 [RFC4347] and SHOULD
   support the most recently published version of DTLS, which was DTLS
   1.2 [RFC6347] when this RFC was published.  In the absence of a
   revision to this document, the latter requirement applies to all
   future versions of DTLS when they are published as RFCs.  This
   document will only be revised if a revision to DTLS or SCTP makes a
   revision to the encapsulation necessary.

I guess we could UPDATE that via this draft but we should probably add
some text if doing that, and we defo need to check if WebRTC really
needs DTLSv1.0 or if it's ok to deprecate that. (Anyone know?) I've
added a note to the draft wondering what to do about that but didn't
add 8261 to the list of RFCs UPDATEd by this.

- RFC 6460 is suite-B which is already historic, so it probably doesn't
matter. I added this to the mega-list of stuff updated by this one as
that seems harmless.

- RFC 6353 is SNMP/TLS so seems like a straightforward case. I added
this to the list updated here.

- RFC 6084, which is "GIST" whatever that is.  I added this to the
list updated here.

- RFC 6083 is DTLS/SCTP. I added this to the list updated here.

- RFC 6012 is DTLS for syslog. I added this to the list updated here.

- RFC 5456 is some asterisk-related protocol. I added this to the list
updated here.

- RFC 5415 is CAPWAP. I added this to the list updated here.

> - Nit: The document uses "TLS1.0" "TLSv1.0" while most other drafts
> use "TLS 1.0"

I did a pass trying to make those consistently be TLSv1.x.

The changes above are reflected in the editor's copy [1] now, but
since those new UPDATE references are a substantive change, I'll push
out a -02 later today or tomorrow.

Cheers,
S.

[1]
https://github.com/tlswg/oldversions-deprecate/blob/master/draft-ietf-tls-oldversions-deprecate.txt

> 
> Cheers, John
> 
> -----Original Message-----
> From: TLS <tls-bounces@ietf.org> on behalf of Stephen Farrell <stephen.farrell@cs.tcd.ie>
> Date: Thursday, 8 November 2018 at 06:36
> To: "TLS@ietf.org" <tls@ietf.org>
> Subject: Re: [TLS] I-D Action: draft-ietf-tls-oldversions-deprecate-01.txt
> 
> 
> Hiya,
> 
> This version attempts to make the few changes discussed at the
> meeting on Monday. I wrote a script that gave me a list of 76(!) RFCs
> this might need to update, and may of course have mucked that up, so
> if anyone has a chance to check if (some of) those make sense, that'd
> be great.
> 
> Ta, S.
> 
> On 08/11/2018 05:28, internet-drafts@ietf.org wrote:
>> 
>> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories. This draft is a work item of the Transport Layer
>> Security WG of the IETF.
>> 
>> Title           : Deprecating TLSv1.0 and TLSv1.1
>> Authors         : Kathleen Moriarty
>>                   Stephen Farrell
>> Filename        : draft-ietf-tls-oldversions-deprecate-01.txt
>> Pages           : 21
>> Date            : 2018-11-07
>> 
>> Abstract: This document, if approved, formally deprecates Transport
>> Layer Security (TLS) versions 1.0 [RFC2246] and 1.1 [RFC4346] and
>> moves these documents to the historic state.  These versions lack
>> support for current and recommended cipher suites, and various
>> government and industry profiles of applications using TLS now
>> mandate avoiding these old TLS versions.  TLSv1.2 has been the
>> recommended version for IETF protocols since 2008, providing
>> sufficient time to transition away from older versions.  Products
>> having to support older versions increase the attack surface
>> unnecessarily and increase opportunities for misconfigurations.
>> Supporting these older versions also requires additional effort for
>> library and product maintenance.
>> 
>> This document updates many RFCs that normatively refer to TLS1.0
>> or TLS1.1 as described herein.  This document also updates RFC 7525
>> and hence is part of BCP195.
>> 
>> 
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/
>>
>> There are also htmlized versions available at:
>> https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-01
>> https://datatracker.ietf.org/doc/html/draft-ietf-tls-oldversions-deprecate-01
>>
>> A diff from the previous version is available at:
>> https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-oldversions-deprecate-01
>>
>> Please note that it may take a couple of minutes from the time of submission
>> until the htmlized version and diff are available at
>> tools.ietf.org.
>> 
>> Internet-Drafts are also available by anonymous FTP at: 
>> ftp://ftp.ietf.org/internet-drafts/
>> 