Re: [TLS] ban more old crap
Ilari Liusvaara <ilari.liusvaara@elisanet.fi> Fri, 24 July 2015 06:41 UTC
Date: Fri, 24 Jul 2015 09:41:19 +0300
From: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/u5zOzB7njA30w-HXVnBxyZUa35I>
Cc: tls@ietf.org

On Thu, Jul 23, 2015 at 06:06:04PM +0100, Stephen Farrell wrote:
>
>
> On 23/07/15 16:43, Dave Garrett wrote:
> > We should just get more serious about banning old crap entirely to
> > make dangerous misconfiguration impossible for TLS 1.3+
> > implementations.
> >
> > Right now, the restrictions section prohibits: RC4, SSL2/3, &
> > EXPORT/NULL entirely (via min bits) and has "SHOULD" use TLS 1.3+
> > compatible with TLS 1.2, if available
>
> A suggestion - could we remove mention of anything that
> is not a MUST or SHOULD ciphersuite from the TLS1.3 document
> and then have someone write a separate draft that adds a
> column to the registry where we can mark old crap as
> deprecated?

Checked the ciphersuite registry. Of 316 negotiable ciphers, marking
everything that doesn't work in TLS 1.3 or is a DSS ciphersuite (nobody
uses that) would leave 52 ciphersuites undeprecated.

Unfortunately, completing the various sets could add up to 31 new
ciphersuites... :-/

Flags:
A => Anonymous (6+8)
D => Dubious use (6+1). I guess IoT devices don't appreciate FFDHE.
F => FFDHE (26+3)
I => IoT focus (18+12)
N => New signature type (0+11), merging would take bending TLS 1.2 rules.
R => RSA signature type with ECDHE (6+1)
V => Vanity (24+8)

The 52 are:

--F-- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
--F-- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
A-F-- TLS_DH_anon_WITH_AES_128_GCM_SHA256
A-F-- TLS_DH_anon_WITH_AES_256_GCM_SHA384
----- TLS_PSK_WITH_AES_128_GCM_SHA256
----- TLS_PSK_WITH_AES_256_GCM_SHA384
-DFI- TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
-DFI- TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
----- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
----- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
----R TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
----R TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
--FV- TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
--FV- TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
A-FV- TLS_DH_anon_WITH_ARIA_128_GCM_SHA256
A-FV- TLS_DH_anon_WITH_ARIA_256_GCM_SHA384
---V- TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
---V- TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
---VR TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
---VR TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
---V- TLS_PSK_WITH_ARIA_128_GCM_SHA256
---V- TLS_PSK_WITH_ARIA_256_GCM_SHA384
-DFV- TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
-DFV- TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
--FV- TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
--FV- TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
A-FV- TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256
A-FV- TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384
---V- TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
---V- TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
---VR TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
---VR TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
---V- TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
---V- TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
-DFV- TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
-DFV- TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
-DFI- TLS_DHE_RSA_WITH_AES_128_CCM
-DFI- TLS_DHE_RSA_WITH_AES_256_CCM
-DFI- TLS_DHE_RSA_WITH_AES_128_CCM_8
-DFI- TLS_DHE_RSA_WITH_AES_256_CCM_8
---I- TLS_PSK_WITH_AES_128_CCM
---I- TLS_PSK_WITH_AES_256_CCM
-DFI- TLS_DHE_PSK_WITH_AES_128_CCM
-DFI- TLS_DHE_PSK_WITH_AES_256_CCM
---I- TLS_PSK_WITH_AES_128_CCM_8
---I- TLS_PSK_WITH_AES_256_CCM_8
-DFI- TLS_PSK_DHE_WITH_AES_128_CCM_8
-DFI- TLS_PSK_DHE_WITH_AES_256_CCM_8
---I- TLS_ECDHE_ECDSA_WITH_AES_128_CCM
---I- TLS_ECDHE_ECDSA_WITH_AES_256_CCM
---I- TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
---I- TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8

And the new 31 would be:

----R TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
----- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
--F-- TLS_DHE_RSA_WITH_CHACHA20_POLY1305
----- TLS_PSK_WITH_CHACHA20_POLY1305
---I- TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305
-DFI- TLS_DHE_PSK_WITH_CHACHA20_POLY1305
---I- TLS_ECDHE_PSK_WITH_AES_128_GCM
---I- TLS_ECDHE_PSK_WITH_AES_256_GCM
---I- TLS_ECDHE_PSK_WITH_AES_128_CCM_8
---I- TLS_ECDHE_PSK_WITH_AES_256_CCM_8
---I- TLS_ECDHE_PSK_WITH_AES_128_CCM
---I- TLS_ECDHE_PSK_WITH_AES_256_CCM
A---- TLS_ECDH_anon_WITH_AES_128_GCM_SHA256
A---- TLS_ECDH_anon_WITH_AES_256_GCM_SHA384
A--V- TLS_ECDH_anon_WITH_ARIA_128_GCM_SHA256
A--V- TLS_ECDH_anon_WITH_ARIA_256_GCM_SHA384
A--V- TLS_ECDH_anon_WITH_CAMELLIA_128_GCM_SHA256
A--V- TLS_ECDH_anon_WITH_CAMELLIA_256_GCM_SHA384
A---- TLS_ECDH_anon_WITH_CHACHA20_POLY1305
A-F-- TLS_DH_anon_WITH_CHACHA20_POLY1305
----N TLS_ECDHE_ECIDSA_WITH_AES_128_GCM_SHA256
----N TLS_ECDHE_ECIDSA_WITH_AES_256_GCM_SHA384
---VN TLS_ECDHE_ECIDSA_WITH_ARIA_128_GCM_SHA256
---VN TLS_ECDHE_ECIDSA_WITH_ARIA_256_GCM_SHA384
---VN TLS_ECDHE_ECIDSA_WITH_CAMELLIA_128_GCM_SHA256
---VN TLS_ECDHE_ECIDSA_WITH_CAMELLIA_256_GCM_SHA384
---IN TLS_ECDHE_ECIDSA_WITH_AES_128_CCM
---IN TLS_ECDHE_ECIDSA_WITH_AES_256_CCM
---IN TLS_ECDHE_ECIDSA_WITH_AES_128_CCM_8
---IN TLS_ECDHE_ECIDSA_WITH_AES_256_CCM_8
----N TLS_ECDHE_ECIDSA_WITH_CHACHA20_POLY1305

-Ilari
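
The five-column flag strings in the lists above can be rebuilt from the suite names alone. The following is an added example, not part of the original message: the rules are inferred from the listed rows (an assumption, not the author's stated method), the names `derive_flags`, `mismatches` and `tally` are hypothetical, and `SAMPLE` is an excerpt of rows copied from the message.

```python
import re
from collections import Counter

# Excerpt of rows copied from the lists in the message above.
SAMPLE = """\
--F-- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
A-F-- TLS_DH_anon_WITH_AES_128_GCM_SHA256
----- TLS_PSK_WITH_AES_128_GCM_SHA256
-DFI- TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
----R TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
-DFV- TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
---VR TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
-DFI- TLS_DHE_RSA_WITH_AES_128_CCM
-DFI- TLS_PSK_DHE_WITH_AES_128_CCM_8
---I- TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
---I- TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305
A--V- TLS_ECDH_anon_WITH_ARIA_128_GCM_SHA256
---IN TLS_ECDHE_ECIDSA_WITH_AES_128_CCM
"""

ROW = re.compile(r"^([A-Z-]{5})\s+(TLS_\w+)$", re.M)

def derive_flags(suite):
    """Rebuild the 5-column flag string from a suite name (inferred rules)."""
    kx, _, cipher = suite[len("TLS_"):].partition("_WITH_")
    parts = kx.split("_")
    anon = "anon" in parts                             # A: no peer authentication
    ffdhe = "DHE" in parts or kx == "DH_anon"          # F: finite-field DH
    vanity = cipher.startswith(("ARIA", "CAMELLIA"))   # V: national ciphers
    # I: CCM ciphers, or PSK combined with an ephemeral key exchange
    iot = "CCM" in cipher.split("_") or ("PSK" in parts and len(parts) > 1)
    col4 = "V" if vanity else "I" if iot else "-"      # V and I share a column
    col5 = "N" if "ECIDSA" in parts else "R" if kx == "ECDHE_RSA" else "-"
    return (("A" if anon else "-") + ("D" if ffdhe and iot else "-")
            + ("F" if ffdhe else "-") + col4 + col5)

def mismatches(text):
    """Return (suite, listed, derived) for rows where the rules disagree."""
    return [(s, f, derive_flags(s)) for f, s in ROW.findall(text)
            if f != derive_flags(s)]

def tally(text):
    """Count how many listed suites carry each flag letter."""
    return Counter(c for f, _ in ROW.findall(text) for c in f if c != "-")

if __name__ == "__main__":
    print(mismatches(SAMPLE) or "all rows reproduced")
    print(dict(tally(SAMPLE)))
```

Passing the complete lists from the message to `mismatches()` checks the inferred rules against every row, and `tally()` gives per-flag counts to compare with the legend.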