Re: [TLS] drop obsolete SSL 2 backwards compatibility from TLS 1.3 draft
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 11 February 2015 16:41 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B3451A028A for <tls@ietfa.amsl.com>; Wed, 11 Feb 2015 08:41:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mHRIGS9d9u-Z for <tls@ietfa.amsl.com>; Wed, 11 Feb 2015 08:41:31 -0800 (PST)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by ietfa.amsl.com (Postfix) with ESMTP id 49DA11A1A78 for <tls@ietf.org>; Wed, 11 Feb 2015 08:41:31 -0800 (PST)
Received: from fifthhorseman.net (unknown [38.109.115.130]) by che.mayfirst.org (Postfix) with ESMTPSA id 5F7B5F984; Wed, 11 Feb 2015 11:41:28 -0500 (EST)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 877C91FFAB; Wed, 11 Feb 2015 11:41:38 -0500 (EST)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Kurt Roeckx <kurt@roeckx.be>, Dave Garrett <davemgarrett@gmail.com>
In-Reply-To: <20141226181139.GA5321@roeckx.be>
References: <201412221945.35644.davemgarrett@gmail.com> <20141226181139.GA5321@roeckx.be>
User-Agent: Notmuch/0.18.2 (http://notmuchmail.org) Emacs/24.4.1 (x86_64-pc-linux-gnu)
Date: Wed, 11 Feb 2015 11:41:38 -0500
Message-ID: <871tlwpfi5.fsf@alice.fifthhorseman.net>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/qDPoKZdIPDjBmmkN7mQ5ZcypBjA>
Cc: "TLS@ietf.org (tls@ietf.org)" <tls@ietf.org>
Subject: Re: [TLS] drop obsolete SSL 2 backwards compatibility from TLS 1.3 draft
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Feb 2015 16:41:33 -0000
On Fri 2014-12-26 13:11:39 -0500, Kurt Roeckx wrote: > On Mon, Dec 22, 2014 at 07:45:35PM -0500, Dave Garrett wrote: >> I've submitted a straightforward PR to remove the SSL 2 backwards compatibility >> section from the current TLS 1.3 draft: >> >> https://github.com/tlswg/tls13-spec/pull/105 >> >> SSL 2.0 backwards compatibility was previously deprecated in TLS 1.2 (2008) and >> was warned to be "phased out with all due haste". RFC 6176 (2011) prohibits it >> entirely. It's a section of obsolete complexity still in the draft. >> >> The PR replaces the section with a simple "MUST NOT" send or accept for TLS 1.3 >> implementations. > > I'm having mixed feelings about this. > > It's saying that you should refuse a connection from a client that > supports TLS 1.0 but set it up using a SSLv2 compatible client > hello. If TLS 1.0 is still acceptable, why would you refuse such > a connection? It's not saying that. It says: Implementations MUST NOT negotiate TLS 1.3 or later using an SSL version 2.0 compatible CLIENT-HELLO. Implementations MAY accept an SSL version 2.0 compatible CLIENT-HELLO in order to negotiate older versions of TLS, however this is not recommended. So if the client connects with an SSLv2 handshake, we can negotiate TLS 1.0 with it (while acknowledging that this isn't a recommended state). --dkg
- [TLS] drop obsolete SSL 2 backwards compatibility… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Brian Smith
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yoav Nir
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yuhong Bao
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yoav Nir
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- [TLS] explicitly specify ClientHello record versi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Kurt Roeckx
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Jeffrey Walton
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Kurt Roeckx
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Hauke Mehrtens
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yoav Nir
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Fabrice
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Brian Smith
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Brian Smith
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Brian Smith
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Kurt Roeckx
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Hauke Mehrtens
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Kurt Roeckx
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Salz, Rich
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Watson Ladd
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Martin Rex
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Martin Thomson
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Martin Rex
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Peter Gutmann
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Brian Smith
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Martin Rex
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Salz, Rich
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yuhong Bao
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Florian Weimer
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Florian Weimer
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Daniel Kahn Gillmor
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yuhong Bao
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Andrei Popov
- [TLS] Downgrade Dance steps (Re: drop obsolete SS… Martin Rex
- Re: [TLS] Downgrade Dance steps (Re: drop obsolet… Dave Garrett
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yuhong Bao
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Martin Rex
- Re: [TLS] drop obsolete SSL 2 backwards compatibi… Yuhong Bao