Re: [TLS] I-D Action: draft-ietf-tls-negotiated-ff-dhe-10.txt

Jeffrey Walton <noloader@gmail.com> Wed, 03 June 2015 21:14 UTC

Date: Wed, 3 Jun 2015 17:14:52 -0400
Message-ID: <CAH8yC8nyR4YFHXqbG8F+ne=Usin9Chrn2wStAai1sr_ehAueqA@mail.gmail.com>
From: Jeffrey Walton <noloader@gmail.com>
To: Tony Arcieri <bascule@gmail.com>
Content-Type: text/plain; charset=UTF-8
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/rqKSmfFVQvcRwSrpXZm65gXoYzo>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-negotiated-ff-dhe-10.txt

On Wed, Jun 3, 2015 at 4:50 PM, Tony Arcieri <bascule@gmail.com> wrote:
>
>
> On Wednesday, June 3, 2015, Dave Garrett <davemgarrett@gmail.com> wrote:
>>
>> The topic brought up by Tony Arcieri was the apparent plague of old Java
>> clients using TLS currently. A replacement set of cipher suites would
>> transparently fix this in a simpler way. It adds more suites, yes, but it
>> would ensure that this is only ever even _attempted_ to be negotiated
>> between clients and servers that both support them properly.
>
>
> That's "half the battle", IMO, and I think the other half of my argument was
> lost in a swarm of "LOL Java, there's your problem" responses. I also called
> out the "what about a catastrophic ECC failure?" in advance and yet that is
> somehow the main "pedantic" response I've been receiving to my complaints.
>

One thing to keep in mind with the Java clients...

   SSLSocketFactory.getInstance("TLS");

will return a socket with SSLv3 and TLS 1.0 enabled. You will also get
the cipher suite zoo enabled. TLS 1.1 and 1.2 were even disabled for
Java 7 (Java 8 finally enabled them).

You have to jump through hoops to get something sane, like "TLS 1.0
and above with reasonable cipher suites". See, for example,
http://stackoverflow.com/a/23365536/608639.

So it's not clear you would get desired behavior regardless of what
happens. Old clients won't get the updates, and old and new code often
won't seek out the desired socket behavior.

Jeff
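
An added example (mine, not code from Jeff's message or from the linked Stack Overflow answer) of the "hoops" described above: a client that starts from the default "TLS" context, then narrows the enabled protocols to TLS 1.0 and above, filters the default cipher suite list down to forward-secret AES suites, and turns on hostname verification. The class and method names and the suite filter policy are hypothetical choices for illustration.

```java
import javax.net.ssl.*;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.*;

public final class HardenedTlsSocket {
    // Protocol versions we are willing to negotiate, newest first; SSLv3 and SSLv2Hello are left out.
    private static final List<String> WANTED_PROTOCOLS = Arrays.asList("TLSv1.2", "TLSv1.1", "TLSv1");

    // Keep a suite only if it offers forward secrecy (ECDHE/DHE) with AES, and reject the
    // anonymous, NULL, export, RC4, DES/3DES and MD5 members of the default suite list.
    static boolean isAcceptableSuite(String suite) {
        if (!(suite.startsWith("TLS_ECDHE_") || suite.startsWith("TLS_DHE_"))) return false;
        if (suite.contains("_anon_") || suite.contains("NULL") || suite.contains("EXPORT")) return false;
        if (suite.contains("RC4") || suite.contains("DES") || suite.contains("MD5")) return false;
        return suite.contains("AES");
    }

    // Intersect the wanted list with what this JVM supports, preserving our preference order.
    static String[] intersect(List<String> wanted, String[] supported) {
        List<String> have = Arrays.asList(supported), out = new ArrayList<>();
        for (String w : wanted) if (have.contains(w)) out.add(w);
        return out.toArray(new String[0]);
    }

    public static SSLSocket connect(String host, int port) throws IOException, GeneralSecurityException {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, null, null);   // default key manager, default trust store, default SecureRandom
        SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket(host, port);

        String[] protocols = intersect(WANTED_PROTOCOLS, socket.getSupportedProtocols());
        if (protocols.length == 0) throw new GeneralSecurityException("no acceptable TLS version");
        socket.setEnabledProtocols(protocols);

        List<String> suites = new ArrayList<>();
        for (String s : socket.getSupportedCipherSuites()) if (isAcceptableSuite(s)) suites.add(s);
        if (suites.isEmpty()) throw new GeneralSecurityException("no acceptable cipher suite");
        socket.setEnabledCipherSuites(suites.toArray(new String[0]));

        // A raw SSLSocket does not check the hostname against the certificate; turn that on (Java 7+).
        SSLParameters params = socket.getSSLParameters();
        params.setEndpointIdentificationAlgorithm("HTTPS");
        socket.setSSLParameters(params);

        socket.startHandshake();      // fail now if the server cannot meet this policy
        return socket;
    }
}
```

On a Java 7 runtime the intersect step is what makes TLS 1.1 and 1.2 actually get offered, since they are supported but not enabled by default there.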