Re: [TLS] Prohibiting SSL 3.0

Florian Weimer <fw@deneb.enyo.de> Tue, 28 October 2014 11:19 UTC

From: Florian Weimer <fw@deneb.enyo.de>
To: Yuhong Bao <yuhongbao_386@hotmail.com>
Date: Tue, 28 Oct 2014 12:19:48 +0100
In-Reply-To: <BLU177-W4981235CC3AA2325B8CC01C39F0@phx.gbl> (Yuhong Bao's message of "Mon, 27 Oct 2014 19:05:41 -0700")
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/sM7CjDjdw2ZtinVlb0d8jgdOhV8
Cc: "tls@ietf.org" <tls@ietf.org>

* Yuhong Bao:

> I hope that an Internet-Draft prohibiting SSL 3.0 will be next.

RFC 6101 already has status “HISTORIC”.  I'm not sure what else the
IETF can do.  The cryptographically protected version negotiation means
that there is no actual harm in supporting SSL 3.0 along with TLS.
(Same for supporting earlier TLS versions.)
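
An added example, not part of the original message: a simplified Python model of the protection the reply refers to, in which the Finished check covers the handshake transcript, so a ClientHello version rewritten in transit within one handshake fails verification. It uses the TLS 1.2 PRF (RFC 5246) for both cases; the abbreviated messages, the master secret and all function names are constructed for illustration.

```python
import hashlib
import hmac


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 P_hash expansion (RFC 5246, section 5) with HMAC-SHA256."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def verify_data(master_secret: bytes, label: bytes, transcript: list) -> bytes:
    """Finished.verify_data: PRF over the hash of every handshake message seen."""
    digest = hashlib.sha256(b"".join(transcript)).digest()
    return p_sha256(master_secret, label + digest, 12)


def client_hello(version: tuple) -> bytes:
    """Constructed, abbreviated ClientHello: type, length, version, random."""
    body = bytes(version) + bytes(32)
    return b"\x01" + len(body).to_bytes(3, "big") + body


def server_accepts_finished(sent_hello: bytes, received_hello: bytes) -> bool:
    """The client hashes the hello it sent, the server the hello it received."""
    master_secret = bytes(range(48))  # constructed sample value
    # Abbreviated ServerHello that echoes the version the server saw.
    server_hello = b"\x02\x00\x00\x02" + received_hello[4:6]
    client_fin = verify_data(master_secret, b"client finished",
                             [sent_hello, server_hello])
    expected = verify_data(master_secret, b"client finished",
                           [received_hello, server_hello])
    return hmac.compare_digest(client_fin, expected)


if __name__ == "__main__":
    honest = client_hello((3, 3))    # TLS 1.2 offered
    tampered = client_hello((3, 0))  # version field rewritten to SSL 3.0
    print("untouched hello accepted:", server_accepts_finished(honest, honest))
    print("rewritten hello accepted:", server_accepts_finished(honest, tampered))
```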