IETF Logo Mail Archive

Re: [Uta] Reviews requested - draft-ietf-uta-ciphersuites-in-sec-syslog

Chris Lonvick <lonvick.ietf@gmail.com> Tue, 19 September 2023 11:26 UTC

Return-Path: <lonvick.ietf@gmail.com>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B07F0C1516E2 for <uta@ietfa.amsl.com>; Tue, 19 Sep 2023 04:26:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b5yOIZX7toVB for <uta@ietfa.amsl.com>; Tue, 19 Sep 2023 04:26:05 -0700 (PDT)
Received: from mail-ej1-x629.google.com (mail-ej1-x629.google.com [IPv6:2a00:1450:4864:20::629]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4EDD8C15155F for <uta@ietf.org>; Tue, 19 Sep 2023 04:26:05 -0700 (PDT)
Received: by mail-ej1-x629.google.com with SMTP id a640c23a62f3a-9a9f139cd94so757626566b.2 for <uta@ietf.org>; Tue, 19 Sep 2023 04:26:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1695122764; x=1695727564; darn=ietf.org; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=pKmJw3nnHcN1kusMfuaQuptJm0FGR2tAPtL51mv9iNA=; b=ldD7SIMManUxCmifU+QrpvB2PUka4XKgfXFftUS0aWxEsAmQKjn7FUBYcpS2CS8XV4 32OF1X/P1JSTKEU/gusXC0QurRWcSAzUYi+KfDASA6zJJ/q+AoqqobaF4Ywr1oVHeBwd YvLXavgDKgRLeMzXwvc4FRl60xZftRocSoMZdCCgvgHdIwHUx65WztHcX5TnJKzT/qO3 JU5TPyVal0rJCdXbqzmrnyv+BE3OoZ3Z2CyuamJEXAPFpzu3DOGrTyG01ENSJfZ2BcsL ZtrrjwbfzkHtzBkMJ171zc1q4vellsZut0kooihrObdWqkdFOZqsOPspwMqXcNLUnbYK 8gAA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1695122764; x=1695727564; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=pKmJw3nnHcN1kusMfuaQuptJm0FGR2tAPtL51mv9iNA=; b=eMB1PE5hwz6qmzlIEboT3ZMN4AWyeb7ITJ0q5I1LKiyjAFPLJ73AcT6UwBHrmL06xd MPi2irgEcynaPPrDUqBgc2iw+egt0fWYNznUdNs1kTkbGKUAQswP+4A+I4qqDdxjRr7i qMqFP6i3r1JgCNinf6GBj+Yf3uDsgVZqPavP5ESGn8Sf53HfoAr3SOsX5Y5BTxqHcmIN AcRpcya2+doTKqb5gvGsF490Cz+bFMMKS4pK3mlBA17AQv0zOZxVN4OS0RAn/wOmm1SD YgCzchlxY/+MIgY6YJRAK+Sv/lFlNpwNYL7YObjND1pRGsGHHTcmdffLa35I1crV+7dX mOmQ==
X-Gm-Message-State: AOJu0YxP9B24PX05j9bgxR3P73E5GWzWsInyGNc+K6WR+HhHuoogsNVI p9D8RD9j3KstqN6cbaONmqsqiz2Z6p9cEoG425T5W0OmvMo=
X-Google-Smtp-Source: AGHT+IE90XcgQ2NOPHqr6EbxfKgUZFE4LUM9q12gJIfVlBYcIfoeFUZp1oYrP6g37uyUdnkKUz4Vh0HFJEjF3YrT2yY=
X-Received: by 2002:a17:907:2c42:b0:9ad:af77:1f14 with SMTP id hf2-20020a1709072c4200b009adaf771f14mr8519268ejc.59.1695122763548; Tue, 19 Sep 2023 04:26:03 -0700 (PDT)
MIME-Version: 1.0
References: <CADPQ2UH81rQSbLhfZMCm9o_KZysWXpBhESS7Bv53XRL=ifUSaA@mail.gmail.com> <ZPC0qrEEdwsFeQBt@straasha.imrryr.org> <CADPQ2UEjj-xCkeVwF0P1uwgGxzc++8knmTQpc3fDBzdhxxBE-Q@mail.gmail.com> <ZQenRxD6q0MfQ007@straasha.imrryr.org>
In-Reply-To: <ZQenRxD6q0MfQ007@straasha.imrryr.org>
From: Chris Lonvick <lonvick.ietf@gmail.com>
Date: Tue, 19 Sep 2023 07:25:51 -0400
Message-ID: <CADPQ2UH05fLLokq1a=W25sNNU2WmG1JRH_7ymNDruVrEeKo_mw@mail.gmail.com>
To: uta@ietf.org
Content-Type: multipart/alternative; boundary="0000000000002c0cf40605b48681"
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/1MXaqZmicfwWdQO7I3bx4x4u9JU>
Subject: Re: [Uta] Reviews requested - draft-ietf-uta-ciphersuites-in-sec-syslog
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Sep 2023 11:26:07 -0000

Hi Viktor,

Your comments didn't go unnoticed.

I think that the changes to Sections 4 and 5 should be limited to replacing
"MUST NOT" with "SHOULD NOT". That will provide clear guidance for
implementers.

I was then thinking of changing the Security Considerations section to the
following:
---vvv---
10.  Security Considerations

   [BCP195] deprecates an insecure DTLS transport protocol from
   [RFC6012] and deprecates insecure cipher suits from [RFC5425] and
   [RFC6012].  This document specifies mandatory to implement cipher
   suites to those RFCs and the latest version of the DTLS protocol to
   [RFC6012].

   The insecure cipher suites SHOULD NOT be offered.  If a device
   currently only has an insecure cipher suite, an administrator of the
   network should evaluate the conditions and determine if the insecure
   cipher suite should be allowed so that syslog messages may continue
   to be delivered until the device is updated to have a secure cipher
   suite.
---^^^---

Please comment and suggest any further edits for WG review.

Best regards,
Chris

On Sun, Sep 17, 2023 at 9:26 PM Viktor Dukhovni <ietf-dane@dukhovni.org>
wrote:

> On Wed, Sep 06, 2023 at 12:53:39PM -0400, Chris Lonvick wrote:
>
> > Hi Viktor and all,
> >
> > I see your point.
> >
> > How about if the phrases "MUST NOT offer TLS_RSA_WITH_AES_128_CBC_SHA" in
> > Sections 4 and 5 be changed to "SHOULD NOT offer..."?
> >
> > This seems to be more consistent with Section 4.2.1 of RFC 9325 (BCP 195)
> > and will continue to allow devices to offer that algorithm --and allow
> log
> > messages to continue to be delivered during a transition.
> >
> > We're still looking for more reviews and discussion on this topic.
>
> I do think that "SHOULD NOT" is a step in the right direction.  And I
> expect, based on prior experience with other IETF deprecation
> activities, that this is likely the best bargain I can hope to reach.
>
> However, a close reading of my orignal post will show that I believe
> that even that is needlessly prescriptive.
>
> Security improves primarily when we raise the ceiling, not the floor
> (there are exceptions when not raising the floor opens opportunities for
> downgrade or cross-protocol attacks).
>
> The outcome we're looking for is that stronger ciphers be implemented
> and used.  Punishing the long tail of slow adopters is rather a
> secondary goal.
>
> And IMHO with syslog, where I would prioritise availability over maximal
> channel security, if this were my text to write, I'd would say:
>
>     * Peers MUST implement the new MTI ciphers (tautology given MTI).
>
>     * Must negotiate the MTI ciphers in preference to the deprecated
>       ciphers (MAY also negotiate equally strong or stronger
>       alternatives to the MIT ciphers).
>
> Note, this does not say anything about requiring non-support of the
> legacy ciphers.  But it could be reasonable to add:
>
>     * Operators SHOULD consider disabling the deprecated ciphers once
>       no longer needed to support any of the expected clients.
>
> In other words, an orderly transition with no disruptive removal of
> interoperability before all the expected peers are ready.
>
> --
>     Viktor.
>
> _______________________________________________
> Uta mailing list
> Uta@ietf.org
> https://www.ietf.org/mailman/listinfo/uta
>

v2.23.0 | Report a Bug | By Email