Re: [TLS] draft-deprecate-obsolete-kex - Comments from WG Meeting

David Benjamin <davidben@chromium.org> Mon, 01 August 2022 17:06 UTC

From: David Benjamin <davidben@chromium.org>
Date: Mon, 01 Aug 2022 10:06:02 -0700
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Cc: Ilari Liusvaara <ilariliusvaara@welho.com>, "<tls@ietf.org>" <tls@ietf.org>
In-Reply-To: <SY4PR01MB6251EE26098B200AFCDCCC73EE9B9@SY4PR01MB6251.ausprd01.prod.outlook.com>
References: <CABiKAoSvJqewOs=pqS+ggyWBCasoQYU9GoGMMOq6V4HZqmUH+Q@mail.gmail.com> <SY4PR01MB6251B80C4F35F6921854DC72EE999@SY4PR01MB6251.ausprd01.prod.outlook.com> <YuQdX10fR27Z2iKd@LK-Perkele-VII2.locald> <SY4PR01MB6251EE26098B200AFCDCCC73EE9B9@SY4PR01MB6251.ausprd01.prod.outlook.com>
Message-ID: <CAF8qwaD5nJx9qPmTHX247xm8RWU_+_Brm--4BREZ94NSaS8Qxw@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/t5fZA9Ajxf1bEVopdY0JcPIitog>

Solutions which require software changes to both sides may as well apply
that software change to TLS 1.3, or even just TLS 1.2 ECDHE. (RFC 7919
could also have been such an option, but it was defined wrong, per the
meeting discussion, it is not. So it goes.)

Skimming the TLS-LTS formulation, it seems like it'd have the same problem
as 7919 in this context anyway. Any negotiation-based solution must work
correctly when the feature is *and isn't* negotiated. Reusing the same
cipher suites forces the client to offer DHE in the problematic mode too.
(Also if we're making a new construction, it should be NamedGroup code
points, not spelled out params.)

Regardless, I don't think it's worth the time to define and deploy a fixed
variant of TLS 1.2 DHE. We've already defined a successor twice over.

On Sun, Jul 31, 2022 at 3:28 AM Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote:

> Ilari Liusvaara <ilariliusvaara@welho.com> writes:
>
> >Unfortunately, that does not work because it would require protocol
> >modifications requiring coordinated updates to both clients and servers.
>
> I was thinking of it more as a smoke-em-if-you-got-em option, since -LTS
> is by negotiation it'd be something to the effect that if you're using -LTS
> then you're covered, otherwise do X.
>
> Peter.
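The negotiation dilemma David describes above (a fix that reuses the existing DHE cipher-suite code points has to behave correctly against a server that ignores the new extension, which forces the client to either accept the problematic mode or abort) can be made concrete with a small model. The following is an added example, not code from the thread, the draft, or any TLS implementation: it is a toy ClientHello/ServerHello exchange with made-up labels, and `NEW_DHE_SUITE` is a hypothetical distinct code point standing in for the "new construction with its own code points" option, not anything a specification defines.

```python
"""Toy model of TLS 1.2 key-exchange negotiation (constructed example).

It does not implement TLS. It only encodes the decision logic of two
server generations and one client, to show why a DHE fix that reuses the
existing DHE cipher-suite code point cannot be negotiated safely, while a
distinct code point can.
"""

from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

# Labels for code points in this model (not real IANA values).
DHE_SUITE = "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"      # existing DHE suite
ECDHE_SUITE = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"  # existing ECDHE suite
NEW_DHE_SUITE = "HYPOTHETICAL_DHE_NAMED_GROUP_SUITE"   # assumed distinct code point
FFDHE_GROUP = "ffdhe2048"                              # a well-known named group
CUSTOM_PARAMS = "server-generated-p-and-g"             # arbitrary server parameters


@dataclass
class ClientHello:
    cipher_suites: List[str]
    # Stands in for a supported_groups-style extension naming acceptable DH groups.
    named_groups: List[str] = field(default_factory=list)


@dataclass
class ServerHello:
    cipher_suite: str
    group: str  # the DH group (or custom parameters) the server actually used


def legacy_server(hello: ClientHello) -> Optional[ServerHello]:
    """Unchanged server: unknown suites and extensions are ignored, DHE is preferred,
    and DHE parameters are whatever the server happens to generate."""
    if DHE_SUITE in hello.cipher_suites:
        return ServerHello(DHE_SUITE, CUSTOM_PARAMS)
    if ECDHE_SUITE in hello.cipher_suites:
        return ServerHello(ECDHE_SUITE, "x25519")
    return None


def updated_server(hello: ClientHello) -> Optional[ServerHello]:
    """Server with the fix deployed: honours the named-group list and the new code point."""
    if NEW_DHE_SUITE in hello.cipher_suites and FFDHE_GROUP in hello.named_groups:
        return ServerHello(NEW_DHE_SUITE, FFDHE_GROUP)
    if DHE_SUITE in hello.cipher_suites and FFDHE_GROUP in hello.named_groups:
        return ServerHello(DHE_SUITE, FFDHE_GROUP)
    if ECDHE_SUITE in hello.cipher_suites:
        return ServerHello(ECDHE_SUITE, "x25519")
    return None


def client_outcome(hello: ClientHello, sh: Optional[ServerHello], strict: bool) -> str:
    """Classify the handshake from the client's point of view.

    strict=True  : the client refuses DHE with any group it did not offer.
    strict=False : the client tolerates server-chosen parameters (the problematic mode)."""
    if sh is None:
        return "no-handshake"
    if sh.cipher_suite in (DHE_SUITE, NEW_DHE_SUITE):
        if sh.group in hello.named_groups:
            return "safe-named-dhe"
        return "abort" if strict else "weak-dhe"
    return "safe-ecdhe"


def negotiate(hello: ClientHello,
              server: Callable[[ClientHello], Optional[ServerHello]],
              strict: bool) -> str:
    return client_outcome(hello, server(hello), strict)


# Option 1: reuse the existing DHE suite and signal the restriction in an extension.
REUSED_OFFER = ClientHello([DHE_SUITE, ECDHE_SUITE], [FFDHE_GROUP])
# Option 2: keep the old DHE suite out of the offer and use a distinct code point.
DISTINCT_OFFER = ClientHello([NEW_DHE_SUITE, ECDHE_SUITE], [FFDHE_GROUP])


def outcome_matrix() -> Dict[Tuple[str, str, str], str]:
    """Every (offer, server generation, client policy) combination the argument needs."""
    return {
        ("reused", "legacy", "strict"): negotiate(REUSED_OFFER, legacy_server, True),
        ("reused", "legacy", "lenient"): negotiate(REUSED_OFFER, legacy_server, False),
        ("reused", "updated", "strict"): negotiate(REUSED_OFFER, updated_server, True),
        ("distinct", "legacy", "strict"): negotiate(DISTINCT_OFFER, legacy_server, True),
        ("distinct", "updated", "strict"): negotiate(DISTINCT_OFFER, updated_server, True),
    }


if __name__ == "__main__":
    for key, result in outcome_matrix().items():
        print(f"{key[0]:8} offer vs {key[1]:7} server, {key[2]:7} client -> {result}")
```

With the reused code point, the client talking to a legacy server gets exactly the two bad outcomes the reply warns about: a strict policy aborts (the fix breaks interoperability), and a lenient policy lands in the weak DHE mode (the fix did nothing). With a distinct code point the legacy server simply never selects it and falls through to ECDHE, while an updated server picks the named group, so both paths are safe whether or not the feature is negotiated.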