Re: [TLS] Broken browser behaviour with SCADA TLS

Ilari Liusvaara <ilariliusvaara@welho.com> Thu, 05 July 2018 06:46 UTC

Return-Path: <ilariliusvaara@welho.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EDAA2130EDE for <tls@ietfa.amsl.com>; Wed, 4 Jul 2018 23:46:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q9xePZvJZVmk for <tls@ietfa.amsl.com>; Wed, 4 Jul 2018 23:46:33 -0700 (PDT)
Received: from welho-filter4.welho.com (welho-filter4.welho.com [83.102.41.26]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B8E49130ED1 for <tls@ietf.org>; Wed, 4 Jul 2018 23:46:33 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by welho-filter4.welho.com (Postfix) with ESMTP id D605B4F53C; Thu, 5 Jul 2018 09:46:30 +0300 (EEST)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp2.welho.com ([IPv6:::ffff:83.102.41.85]) by localhost (welho-filter4.welho.com [::ffff:83.102.41.26]) (amavisd-new, port 10024) with ESMTP id 6fOwln1cZe4Q; Thu, 5 Jul 2018 09:46:30 +0300 (EEST)
Received: from LK-Perkele-VII (87-92-19-27.bb.dnainternet.fi [87.92.19.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by welho-smtp2.welho.com (Postfix) with ESMTPSA id 3170573; Thu, 5 Jul 2018 09:46:27 +0300 (EEST)
Date: Thu, 5 Jul 2018 09:44:55 +0300
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Message-ID: <20180705064455.GA7996@LK-Perkele-VII>
References: <1530687136897.97792@cs.auckland.ac.nz> <CABkgnnXsM2_PsL_YsuNEh6eDyp-R2d2JRm6OmGFh9nRAV5Lukg@mail.gmail.com> <20180704074101.GA19789@LK-Perkele-VII> <1530691044974.54956@cs.auckland.ac.nz> <20180704081519.GA20000@LK-Perkele-VII> <1530756106390.98539@cs.auckland.ac.nz>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <1530756106390.98539@cs.auckland.ac.nz>
User-Agent: Mutt/1.10.0 (2018-05-17)
Sender: ilariliusvaara@welho.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/lApSwMEF-d6_J3WF4w3S58s2xZw>
Subject: Re: [TLS] Broken browser behaviour with SCADA TLS
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jul 2018 06:46:36 -0000

On Thu, Jul 05, 2018 at 02:02:04AM +0000, Peter Gutmann wrote:
> Ilari Liusvaara <ilariliusvaara@welho.com>; writes:
> 
> >Chrome initially did that. It caused quite a lot of bad feedback from owners
> >of various bad embedded stuff. The thread on relevant forums was quite
> >something. Hundreds of messages blaming Google for breaking stuff.
> 
> If there were "hundreds of messages" doesn't that indicate that it's Chrome
> that's the problem, and not everyone else?

Basically with DHE in TLS 1.2, you have very few choices:

1) Advertise DHE, accept weak groups. Vulernable to LOGJAM.
2) Advertise DHE, deny weak groups. Unacceptable failure rates.
3) Do not advertise DHE. Loses FPS with some servers.
4) Try DHE at first and fallback to RSA on too small group.
   Complex.


-Ilari