IETF Logo Mail Archive

Re: [TLS] Call for consensus to remove anonymous DH

Eric Rescorla <ekr@rtfm.com> Wed, 16 September 2015 23:11 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C4C711A9046 for <tls@ietfa.amsl.com>; Wed, 16 Sep 2015 16:11:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LjaUalbAMhai for <tls@ietfa.amsl.com>; Wed, 16 Sep 2015 16:11:00 -0700 (PDT)
Received: from mail-wi0-f181.google.com (mail-wi0-f181.google.com [209.85.212.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8FEAB1A6FAE for <tls@ietf.org>; Wed, 16 Sep 2015 16:11:00 -0700 (PDT)
Received: by wicfx3 with SMTP id fx3so1215407wic.1 for <tls@ietf.org>; Wed, 16 Sep 2015 16:10:59 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=/nh5XktwmAfffNhtLshrlr3FwtPL0UusUhNoPxc+U98=; b=K6/swjLlhbl/YhEsk3HUtBrXCUbR/3i+OjXM3MOZw2qXhaYu0Y8EUhrGPS5Cc7N3Ll ib1lrPdWaPo68uebPxGa72sxKj6qeCU0OydY+2MgXTL7mMJC0nN24w/viaVW98Hr+lx9 KTAD+Eq1eTggFrnrWUJfu0Cnj0VRApRC6HfPAFR3BfRzyoY+NJjAaYepkLiOL7vyY9Fs a34dACJdVlLJDVGIgP1ARuSj15YKvl6vtdkXNCrlM5i5TqLjnESCLB8JPhP/OYMRlHjP uYuw2AzRG7jF6QoZ/qBjlPrqxpHsu2kKFLENEWUEcXw4wtsysTbZ4Bywf3wIaysM+6Hm Unng==
X-Gm-Message-State: ALoCoQkNcXiPDL6Ij5UCvMigAxizoQXJZwXy0Bo7FhMywCyatpwtHYf9TWvPZ/JJsd7uzjHUQfkb
X-Received: by 10.180.76.170 with SMTP id l10mr24605131wiw.68.1442445059168; Wed, 16 Sep 2015 16:10:59 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.27.79.200 with HTTP; Wed, 16 Sep 2015 16:10:19 -0700 (PDT)
In-Reply-To: <201509161907.32297.davemgarrett@gmail.com>
References: <CAOgPGoBT9C=pWebXShqxhbOsnqK+OZe=-n-SvZ_pH-dAtRaWXQ@mail.gmail.com> <CAFewVt64QphK5=WtAZhN8A7uhjmMZ1wc0nLOKvS8sgTRwY_vkg@mail.gmail.com> <20150916225501.GR13294@localhost> <201509161907.32297.davemgarrett@gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 16 Sep 2015 16:10:19 -0700
Message-ID: <CABcZeBN22L9eJjgqxvh7qq7kAs6QtDrEX-KW=V2pcG9xEEfPcg@mail.gmail.com>
To: Dave Garrett <davemgarrett@gmail.com>
Content-Type: multipart/alternative; boundary="f46d04374b3d5c3091051fe569ee"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/qa7m2NdBv8PfaExgWHbuQL-VK3w>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Call for consensus to remove anonymous DH
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Sep 2015 23:11:05 -0000

On Wed, Sep 16, 2015 at 4:07 PM, Dave Garrett <davemgarrett@gmail.com>
wrote:

> On Wednesday, September 16, 2015 06:55:02 pm Nico Williams wrote:
> > On Wed, Sep 16, 2015 at 02:25:52PM -0700, Brian Smith wrote:
> > > On Wed, Sep 16, 2015 at 2:05 PM, Eric Rescorla <ekr@rtfm.com> wrote:
> > > > In addition, they are already part of TLS, so the question would be
> if we
> > > > have consensus to remove them....
> > >
> > > This thread  is about the removal of DH_anon_*, not about raw public
> keys.
> >
> > Yes, but you implied that you might not support keeping raw public keys.
> >
> > I'm not in favor of removing the anon cipher suites if we also remove
> > raw public key support.  This is important.  I don't want the cost of
> > doing anon with TLS to escalate piecemeal.  All cards on the table
> > please.
>
> This appears to just be a miscommunication.
>
> On Wednesday, September 16, 2015 05:38:05 pm Eric Rescorla wrote:
> > This proposal is to remove Anon, thus making things strictly simpler,
> since
> > Raw keys can replace Anon but not the other way around. One might imagine
> > a proposal to remove Raw keys, but that's not the question here and even
> if
> > that failed (as I expect it would) things will still be simpler if we
> > remove Anon.
>
> The current poll is to remove anon ciphers in favor of raw public keys.
> We're not considering removing raw public keys, as far as I know, and I
> think most of us would be against that.


Isn't this what I said?

-Ekr


>
>
> Dave
>

v2.23.0 | Report a Bug | By Email