Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_xxx_GCM_SHAxxx
Kurt Roeckx <kurt@roeckx.be> Thu, 13 March 2014 20:00 UTC
Return-Path: <kurt@roeckx.be>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD2B11A072A for <tls@ietfa.amsl.com>; Thu, 13 Mar 2014 13:00:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ypo3g4bz5EkX for <tls@ietfa.amsl.com>; Thu, 13 Mar 2014 13:00:57 -0700 (PDT)
Received: from defiant.e-webshops.eu (defiant.e-webshops.eu [82.146.122.140]) by ietfa.amsl.com (Postfix) with ESMTP id 90CEC1A07D9 for <tls@ietf.org>; Thu, 13 Mar 2014 13:00:57 -0700 (PDT)
Received: from intrepid.roeckx.be (localhost [127.0.0.1]) by defiant.e-webshops.eu (Postfix) with ESMTP id C3C8D1C21FA; Thu, 13 Mar 2014 21:00:49 +0100 (CET)
Received: by intrepid.roeckx.be (Postfix, from userid 1000) id A26461FE01C3; Thu, 13 Mar 2014 21:00:49 +0100 (CET)
Date: Thu, 13 Mar 2014 21:00:49 +0100
From: Kurt Roeckx <kurt@roeckx.be>
To: mrex@sap.com
Message-ID: <20140313200049.GA28402@roeckx.be>
References: <5321FAB1.2070309@gmail.com> <20140313192345.5F4D91AC4A@ld9781.wdf.sap.corp>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20140313192345.5F4D91AC4A@ld9781.wdf.sap.corp>
User-Agent: Mutt/1.5.22 (2013-10-16)
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/zyy5XMBmpkSS_g1IqRmup3wD2-Y
Cc: "Pégourié-Gonnard <mpg@polarssl.org>"@roeckx.be, Manuel@roeckx.be, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_xxx_GCM_SHAxxx
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Mar 2014 20:00:59 -0000
On Thu, Mar 13, 2014 at 08:23:45PM +0100, Martin Rex wrote: > I strongly frown upon the idea of resurrecting DH_anon cipher suites > from their cold grave, let alone adding new cruft. > > Generate Server Keys on the fly just like SSH does. Resurrecting > DH_anon turns an initial-leap-of-faith into eternal-leaps-of-faith. You can't do authenticated encryption with SMTP in most of the cases. DANE is currently about the best way to move to authenticated encrypted SMTP, however there are very few sites that bother to set up DNSSEC and DANE. Since it's SMTP is now not authenticated it makes perfect sense to use anonymous DH. The best option for that is currently TLS_DH_anon_WITH_AES_XXX-GCM-SHAXXX, and this would add the ECDH version. I would agree that moving to authenticated encryption would be the best, but since we can't do authenticated encryption we should go for the best thing we can do without authentication, and that would be this proposal. I'm not sure what you mean with your comment about SSH, but I do hope that you actually check the fingerprint of the host you're connecting to. Kurt
- [TLS] Still missing: TLS_ECDH_anon_WITH_AES_xxx_G… Nico Williams
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Manuel Pégourié-Gonnard
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Daniel Kahn Gillmor
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Alyssa Rowan
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Alexandre Anzala-Yamajako
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Yoav Nir
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Peter Gutmann
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Nico Williams
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Alyssa Rowan
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Yaron Sheffer
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Nico Williams
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Martin Rex
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Yaron Sheffer
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Nico Williams
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Nico Williams
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Kurt Roeckx
- Re: [TLS] Still missing: TLS_ECDH_anon_WITH_AES_x… Peter Gutmann