Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-rc4-01.txt

Bodo Moeller <bmoeller@acm.org> Thu, 02 October 2014 19:13 UTC

Return-Path: <SRS0=9UCi=6Z=acm.org=bmoeller@srs.kundenserver.de>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 341A11A1B7E for <tls@ietfa.amsl.com>; Thu, 2 Oct 2014 12:13:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.714
X-Spam-Level:
X-Spam-Status: No, score=-1.714 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.786, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qnfNLE5bXmjn for <tls@ietfa.amsl.com>; Thu, 2 Oct 2014 12:13:11 -0700 (PDT)
Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.17.24]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AC74F1A1B4F for <tls@ietf.org>; Thu, 2 Oct 2014 12:13:10 -0700 (PDT)
Received: from mail-yh0-f49.google.com (mail-yh0-f49.google.com [209.85.213.49]) by mrelayeu.kundenserver.de (node=mreue102) with ESMTP (Nemesis) id 0MSao8-1XhVZI2cSK-00RcAs; Thu, 02 Oct 2014 21:13:08 +0200
Received: by mail-yh0-f49.google.com with SMTP id a41so465720yho.22 for <tls@ietf.org>; Thu, 02 Oct 2014 12:13:06 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.236.140.97 with SMTP id d61mr1210232yhj.164.1412277186430; Thu, 02 Oct 2014 12:13:06 -0700 (PDT)
Received: by 10.170.194.15 with HTTP; Thu, 2 Oct 2014 12:13:06 -0700 (PDT)
In-Reply-To: <542D850E.2060900@akr.io>
References: <20141002005804.2760C1AE9D@ld9781.wdf.sap.corp> <BA2DFF33-7B0C-4E87-9C0E-215933AED88F@akr.io> <2A0EFB9C05D0164E98F19BB0AF3708C71D2F8F7E83@USMBX1.msg.corp.akamai.com> <CADMpkcJEt4e7LJAY+FsFcbyQE2x3SXsaOW3bffV4U2oN9EUKrg@mail.gmail.com> <542D850E.2060900@akr.io>
Date: Thu, 2 Oct 2014 21:13:06 +0200
Message-ID: <CADMpkc+Zbu64wek2HayW2tCf+d1ZYLocMp2PzXncyS=fHPDwsg@mail.gmail.com>
From: Bodo Moeller <bmoeller@acm.org>
To: "tls@ietf.org" <tls@ietf.org>
Content-Type: multipart/alternative; boundary=20cf303ea810058eb805047568e3
X-Provags-ID: V02:K0:RIBj4CUm/kU2q1H2QMV4NiFNHjgb/gP/dWoua5IyneS KpeeE/hw2ULgFOnNddkYpccF1nlbKMiuLFWocVatlZoTof1NMf azUzUEfsdD7OH19e7lw2IhOsbvc21J+/Ish635y9htzFxFbDsZ n9ax8WVLSs3Vr6h5l0aGkRQjkJS+c9tpE/xPvVtdXWgIZujYer N46nxvzXg88imNpVfYUir0BYBYPm4BYs4ZDQKz1w3rOfmjKfch nCrFrufogvaQd8k6XDo2MCl7Ae3RCXk2AFOnQyNc2kWijqOEsa szi4vzB2BA1pUNlW2UglVfFVWCEc9qpRX/avbUXcBJrhdiAXHR 56QYfR6NfiGB/5BSPLJb1YiRx9b56KzM0k5fSMIE15nFBXlQFA Kj/wQ239zAlvAe0JZpRwzKUehoUEPlpgAkt01DDaHoLkJLUIfI 1d/PS
X-UI-Out-Filterresults: notjunk:1;
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/mjX_2QxvzNFWhoo52jMGz8i5F4c
Subject: Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-rc4-01.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Oct 2014 19:13:12 -0000

>
> > Maybe the spec should have strict MUST NOT requirements for TLS

> 1.2, but make mere recommendations for the legacy protocols?
>
> No, not sure I follow your reasoning here:


If you're not using TLS 1.2 but an earlier protocol version, then obviously
backwards compatibility is of concern (and there's really no non-crappy
cipher suite available). It seems that you can get by without RC4 when
using TLS 1.2, but obviously sites do still see a need to support RC4 with
older protocol versions.


Regarding obsolete ciphers such as RC2 and DES, I don't think the need
> to prohibit them is quite as urgent, because people aren't actually
> using them in the wild. (Well, not _many_ people, anyway.)
>
> I would indeed support their deprecation - but perhaps in a separate
> document, as I'm concerned that any unnecessary delay with this one


Fair enough.

Bodo