Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-rc4-01.txt

Yoav Nir <ynir.ietf@gmail.com> Mon, 06 October 2014 20:12 UTC

On Oct 6, 2014, at 10:58 PM, Martin Rex <mrex@sap.com> wrote:
> 
> 
> Based on what we currently know about the weaknesses of RC4,
> unconditionally turning down clients will be ridiculously stupid
> in most situations, because for the vast number of scenarios,
> the weakness of the TLS RC4 cipher suites is not a threat.

Hi, Martin.

Both your implementation and mine have to deal with customers that run 4 or 5 year old software, and refuse to patch their systems. We know this is true, because TLS has a padding extension only because customers refuse to patch their systems.

So if the version that I am working on now is going to come out in 2015, some customers are going to run it in 2020. It should not include things that are likely to be ridiculous in 2020. So avoiding RC4 now is good. Avoiding SHA-1 in signatures is another good idea. Google can patch everyone’s Chrome in days. We are not so lucky.

So I think it should be MUST NOT for RC4. If some things can’t yet afford to comply with the new RFC, so be it. They’ll get there eventually.

Yoav