Re: [TLS] Prohibiting SSL 3.0
Dave Garrett <davemgarrett@gmail.com> Fri, 31 October 2014 09:02 UTC
Return-Path: <davemgarrett@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E8251A70E1 for <tls@ietfa.amsl.com>; Fri, 31 Oct 2014 02:02:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RS8suoZT4vcn for <tls@ietfa.amsl.com>; Fri, 31 Oct 2014 02:02:03 -0700 (PDT)
Received: from mail-qg0-x236.google.com (mail-qg0-x236.google.com [IPv6:2607:f8b0:400d:c04::236]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 342FA1A797C for <tls@ietf.org>; Fri, 31 Oct 2014 02:02:03 -0700 (PDT)
Received: by mail-qg0-f54.google.com with SMTP id q108so5195673qgd.41 for <tls@ietf.org>; Fri, 31 Oct 2014 02:02:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:user-agent:cc:mime-version:content-type :content-transfer-encoding:message-id; bh=jjhxYkykHW0HS1yVvr/f22kDh1C0lJPi4zTmTUAtM28=; b=DI0bD5jl1FVoyrCUpuSNzMsf6jGr4PKFLqSa86ZroLSZpET+3XkjII+WDMYchdz+bl X8UB1tuxpfUkQUZXRwMOyKjl9evInQWn2ah5zbI+rQKend5lnC8CDRDxKn/rifg4jI03 lv/PgGVHpHh9YdOHtHJP7VlUuWALjXbcEO7fOtRNs0PE9P//L/EGGOrcadYAu2B5nbwi apty4O32eLglnM2H5j7tljdTXUU1snSGYHQmOlXRENCXTd+xE1syARLbYLWHd4LlC2UK cyiTAwdgmKI9PMrB4xg1xcrm/dYN3UIQ0hB489cUcBpUvMa9eXOW/qTP/VNY/L6MdZyi uHTw==
X-Received: by 10.224.50.84 with SMTP id y20mr34766148qaf.44.1414746122374; Fri, 31 Oct 2014 02:02:02 -0700 (PDT)
Received: from dave-laptop.localnet (pool-72-78-212-218.phlapa.fios.verizon.net. [72.78.212.218]) by mx.google.com with ESMTPSA id i33sm8940502qgd.8.2014.10.31.02.02.02 for <multiple recipients> (version=TLSv1 cipher=RC4-SHA bits=128/128); Fri, 31 Oct 2014 02:02:02 -0700 (PDT)
From: Dave Garrett <davemgarrett@gmail.com>
To: tls@ietf.org
Date: Fri, 31 Oct 2014 05:02:00 -0400
User-Agent: KMail/1.13.5 (Linux/2.6.32-66-generic-pae; KDE/4.4.5; i686; ; )
MIME-Version: 1.0
Content-Type: Text/Plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-Id: <201410310502.01198.davemgarrett@gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/r9HyAkJW43BDhok7mbBDaBV9PVU
X-Mailman-Approved-At: Fri, 31 Oct 2014 16:46:34 -0700
Subject: Re: [TLS] Prohibiting SSL 3.0
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Oct 2014 09:02:05 -0000
Martin Rex wrote: > [...] TLS is not designed to provide protection from [...] This is not a useful debate. What SSL/TLS was designed to do last millennium is irrelevant. We have new threat models now and have to adapt our expectations of security protocols to deal with them. https://www.youtube.com/watch?v=MiU42KI1GUw#t=110s There's no point in arguing about SSL3 at this point. Even if it's theoretically safe with various mitigations within a narrow use-case, very few people trust it anymore. It's archaic and long since deprecated. TLS 1.0 is obsolete for that matter. If security is the actual goal here, it really should be TLS 1.2 or bust by now. The only reason any of these old versions are supported is an unwillingness/incapability of vendors to properly coordinate upgrades and deprecations. It took a decade and a half and POODLE to get anybody to jointly axe SSL3. We should take it as good that we can move slightly into the future and move on. I'd like to see a draft for prohibiting TLS 1.0 on the queue next. If we've learned one thing recently, it's that you shouldn't wait until the last possible moment to get rid of old protocols. We shouldn't be expecting old versions to be maintained properly with all necessary mitigations that are required, nor should we be surprised when they inevitably have some long standing flaw that eventually gets discovered. -- Dave
- [TLS] Prohibiting SSL 3.0 Yuhong Bao
- Re: [TLS] Prohibiting SSL 3.0 Martin Thomson
- Re: [TLS] Prohibiting SSL 3.0 Florian Weimer
- Re: [TLS] Prohibiting SSL 3.0 Hubert Kario
- Re: [TLS] Prohibiting SSL 3.0 Peter Gutmann
- Re: [TLS] Prohibiting SSL 3.0 Florian Weimer
- Re: [TLS] Prohibiting SSL 3.0 Ilari Liusvaara
- Re: [TLS] Prohibiting SSL 3.0 Manuel Pégourié-Gonnard
- Re: [TLS] Prohibiting SSL 3.0 Bodo Moeller
- Re: [TLS] Prohibiting SSL 3.0 Eric Rescorla
- Re: [TLS] Prohibiting SSL 3.0 Manuel Pégourié-Gonnard
- Re: [TLS] Prohibiting SSL 3.0 Salz, Rich
- Re: [TLS] Prohibiting SSL 3.0 Hubert Kario
- Re: [TLS] Prohibiting SSL 3.0 Yoav Nir
- Re: [TLS] Prohibiting SSL 3.0 Hubert Kario
- Re: [TLS] Prohibiting SSL 3.0 Yoav Nir
- Re: [TLS] Prohibiting SSL 3.0 Hubert Kario
- Re: [TLS] Prohibiting SSL 3.0 Martin Rex
- Re: [TLS] Prohibiting SSL 3.0 Manuel Pégourié-Gonnard
- Re: [TLS] Prohibiting SSL 3.0 Martin Rex
- Re: [TLS] Prohibiting SSL 3.0 Watson Ladd
- Re: [TLS] Prohibiting SSL 3.0 Martin Rex
- Re: [TLS] Prohibiting SSL 3.0 Geoffrey Keating
- Re: [TLS] Prohibiting SSL 3.0 Watson Ladd
- Re: [TLS] Prohibiting SSL 3.0 Bodo Moeller
- Re: [TLS] Prohibiting SSL 3.0 Watson Ladd
- Re: [TLS] Prohibiting SSL 3.0 Bodo Moeller
- Re: [TLS] Prohibiting SSL 3.0 Watson Ladd
- Re: [TLS] Prohibiting SSL 3.0 Sean Turner
- Re: [TLS] Prohibiting SSL 3.0 Joseph Salowey
- Re: [TLS] Prohibiting SSL 3.0 Yuhong Bao
- Re: [TLS] Prohibiting SSL 3.0 Yoav Nir
- Re: [TLS] Prohibiting SSL 3.0 Dave Garrett
- Re: [TLS] Prohibiting SSL 3.0 Jeffrey Walton
- Re: [TLS] Prohibiting SSL 3.0 Yoav Nir