Re: [TLS] WGLC: draft-ietf-tls-tls13-19
Benjamin Kaduk <bkaduk@akamai.com> Tue, 04 April 2017 23:20 UTC
To: Hubert Kario <hkario@redhat.com>, tls@ietf.org
Date: Tue, 04 Apr 2017 18:20:53 -0500
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/lpmFzAXX7Ov_Q0JdFkkiWqTtRPg>

On 03/31/2017 08:40 AM, Hubert Kario wrote:
> On Tuesday, 28 March 2017 08:23:33 CEST Kaduk, Ben wrote:
>> On 3/13/17, 12:30, "Sean Turner" <sean@sn3rd.com> wrote:
>> Do we want to add some commentary about the extant SHA1 collisions when we
>> say that {rsa_pkcs1,dsa,ecdsa}_sha1 are only SHOULD NOT?
>
> There still are a non-insignificant number of Internet facing servers that
> require SHA-1 being advertised for connection to be successful.
> SHOULD NOT is a good compromise for it.

Right. We could note that though SHA1 is "known to be broken", some servers
currently require it, even though they ought to be moving away from it
posthaste.

-Ben