Re: [TLS] Prohibiting SSL 3.0

Yoav Nir <ynir.ietf@gmail.com> Wed, 29 October 2014 15:43 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/tls/pSb9P-l6STvQy0MR2xCBfK3Y_Qc

> On Oct 29, 2014, at 5:33 PM, Hubert Kario <hkario@redhat.com> wrote:
> 
> On Wednesday 29 October 2014 17:06:51 Yoav Nir wrote:
>>> On Oct 29, 2014, at 3:25 PM, Hubert Kario <hkario@redhat.com> wrote:
>>> 
>>> On Wednesday 29 October 2014 13:18:59 Ilari Liusvaara wrote:
>>>> On Wed, Oct 29, 2014 at 10:51:39AM +0000, Peter Gutmann wrote:
>>>>> Hubert Kario <hkario@redhat.com> writes:
>>>>>> Even the TLS 1.3 draft says that a client SHOULD NOT send a SSLv2
>>>>>> compatible client hello with server support being stated as MAY.
>>>>> 
>>>>> Good grief, it's still allowing SSLv2 after nearly *twenty years*?  This
>>>>> should have been MUST NOT for both client and server years ago, and at an
>>>>> absolute minimum SHOULD NOT SSLv3 as well.
>>>> 
>>>> Also, one can't even use SSLv2 compatible ClientHello for TLS v1.3 because
>>>> TLS v1.3 backward compatibility mode requires extensions, and SSLv2 can't
>>>> pass those.
>>>> 
>>>> Checking SSL pulse (which I think scans global Internet, not all kinds of
>>>> odd internal sites nobody cares about) gives ~19% for SSLv2 (this isn't
>>>> the compatibility hello, this is the whole protocol!), which is scary.
>>> 
>>> In my scans (a bit bigger set than SSL Pulse), I see over 1% of servers
>>> that don't support anything but SSLv2!
>> 
>> I think that shows that there is an issue with the scan. A server that
>> offers only SSLv2 is not on the web. No modern browser can connect to it.
>> Are your scans going by the most popular HTTP sites that also answer on
>> port 443?  Or are these really HTTPS sites that are accessed as such?
> 
> they are very much on the web for IE 6 users

Right. So it’s not like they expect everyone to visit their site. They’re either responding to programmatic clients or they have their small group of users who keep using IE6 on XP especially for accessing those sites.

> I'm using Alexa top 1 million sites
> 
> but I'm not checking if the sites use redirect to https (as the redirect may 
> be just for login page, only for admins, etc.) so it may not be actually 
> visible for regular visitors
> 
> I also don't check for CN mismatch (as some clients don't check CNs too…)

Are you validating certificates?  Could some of these sites be showing the Apache default page with a self-signed certificate?

> That being said, I didn't verify how reliable are the scan results for SSL2 
> Only sites, so yes, it may be even less than 1%.
> 
> -- 
> Regards,
> Hubert Kario
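
The point quoted above, that an SSLv2-compatible ClientHello has no room for extensions, shown as an added example that is not part of the original thread: a Python classifier a server or monitor could run on a client's first bytes. The function name, return shape and both sample byte strings are constructed for illustration.

```python
import struct

def classify_client_hello(data: bytes) -> dict:
    """Classify a client's first bytes; name and return shape are hypothetical."""
    try:
        if data[0] & 0x80 and data[2] == 0x01:
            # SSLv2-format CLIENT-HELLO: 2-byte length with the high bit set,
            # msg type 1, version, then exactly three length fields.
            rec_len = ((data[0] & 0x7F) << 8) | data[1]
            version, cs_len, sid_len, ch_len = struct.unpack(">HHHH", data[3:11])
            # Cipher specs, session ID and challenge use up the whole record,
            # so there is no field left in which extensions could travel.
            exact = 9 + cs_len + sid_len + ch_len == rec_len == len(data) - 2
            return {"format": "sslv2-compatible", "version": version,
                    "well_formed": exact, "extension_types": None}
        if data[0] == 0x16 and data[5] == 0x01:
            # TLS record (type 22, handshake) carrying a ClientHello (type 1).
            body = data[9:]
            version = struct.unpack(">H", body[:2])[0]
            pos = 2 + 32                                  # version + random
            pos += 1 + body[pos]                          # session_id
            pos += 2 + struct.unpack(">H", body[pos:pos + 2])[0]  # cipher_suites
            pos += 1 + body[pos]                          # compression_methods
            types = []
            if pos < len(body):                           # optional extensions block
                end = pos + 2 + struct.unpack(">H", body[pos:pos + 2])[0]
                pos += 2
                while pos + 4 <= end:
                    ext_type, ext_len = struct.unpack(">HH", body[pos:pos + 4])
                    types.append(ext_type)
                    pos += 4 + ext_len
            return {"format": "tls-record", "version": version,
                    "well_formed": True, "extension_types": types}
    except (IndexError, struct.error):
        pass
    return {"format": "unknown", "version": None,
            "well_formed": False, "extension_types": None}

# Constructed samples (not captured traffic).
# SSLv2-compatible hello offering TLS 1.0: one 3-byte cipher spec, 16-byte challenge.
SSLV2_HELLO = (b"\x80\x1c\x01\x03\x01" + struct.pack(">HHH", 3, 0, 16)
               + b"\x00\x00\x2f" + bytes(16))
# TLS ClientHello with one extension (renegotiation_info, type 0xff01).
_body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x00\x2f" + b"\x01\x00"
         + b"\x00\x05\xff\x01\x00\x01\x00")
_hs = b"\x01" + len(_body).to_bytes(3, "big") + _body
TLS_HELLO = b"\x16\x03\x01" + struct.pack(">H", len(_hs)) + _hs
```

In the SSLv2-format sample the three declared lengths account for every byte of the record, which is why `extension_types` is `None` there rather than an empty list.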