Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-rc4-01.txt

Alyssa Rowan <akr@akr.io> Tue, 21 October 2014 08:17 UTC

From: Alyssa Rowan <akr@akr.io>
Date: Tue, 21 Oct 2014 09:10:46 +0100
To: tls@ietf.org
Message-ID: <358BD1AE-8354-41EB-9E85-69741DF00F69@akr.io>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/nlFvVtKalQIS0gDqRY0NL6dd9Sc
Subject: Re: [TLS] I-D Action: draft-ietf-tls-prohibiting-rc4-01.txt

On 21 October 2014 06:58:23 BST, "Salz, Rich" <rsalz@akamai.com> wrote:

>+1
>
>Kill RC4 or put our face on it and face the public embarrassment.

Strong +1. I couldn't be stronger here.

I think we have rough consensus to publish this draft as-is right now, despite a couple of vocal but wrong-headed objections. I don't think further discussion makes RC4 any more, or less, weak, but delay keeps people using it for longer and that is bad.

If this WG cannot even achieve rough consensus about turning off a weak 20-year-old piece-of-crap cipher everyone knows is bad and which many fear will soon be (according to some sources has already been) broken catastrophically and irretrievably, then we have a much deeper problem and this WG is going to look utterly ineffectual and useless - which would mean taking our security, and pushing it somewhere else which can deal with it.

If you're waiting for a catastrophic break to be published to disable a cipher when it's already a decade overdue and you've been warned it's weak, then sorry but you're a complete idiot, attackers have saved all your juicy ciphertexts for the promised day, and will just sit there looking back at your (and your customers') precious data.

Anyone is free to ignore an RFC: just remember Chris, we warned you RC4 was weak; we told you that you MUST NOT use it in the clearest possible language. If you want to ignore that, you're facing the music when a break is published. Keeping RC4 enabled is the kind of thing you should, and will, fail audits for.

Don't make me get the whips out! ;-)

--
/akr