Re: [Uta] "webby" STS and DANE/DNSSEC co-existence

Aaron Zauner <azet@azet.org> Fri, 15 April 2016 09:35 UTC

From: Aaron Zauner <azet@azet.org>
In-Reply-To: <57107E44.3040108@bluepopcorn.net>
Date: Fri, 15 Apr 2016 16:36:23 +0700
Message-Id: <B505D600-6B68-41C5-8FE7-87687822C047@azet.org>
References: <570C0CD2.9030401@cs.tcd.ie> <20160411212128.GA26423@mournblade.imrryr.org> <CANtKdUekXNkVvsfq0UjCiaaPVBgoVGfrfnYUrdoOf0EegXMuPg@mail.gmail.com> <20160413014304.GB26423@mournblade.imrryr.org> <CANtKdUf0kN5aOmX0-NsyQXz_+PRGfaXa37DFZoCX3FqdYh5CpA@mail.gmail.com> <etPan.570e8549.3d8c14b4.1614d@jcaps-rd2.us.oracle.com> <57107E44.3040108@bluepopcorn.net>
To: Jim Fenton <fenton@bluepopcorn.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/uta/MMN1-tne54BzodltTQFXUymyRcE>
Cc: uta@ietf.org, Chris Newman <chris.newman@oracle.com>

Hi,

> On 15 Apr 2016, at 12:38, Jim Fenton <fenton@bluepopcorn.net> wrote:
> 
> Is there actually something in TLS 1.1 that can be exploited by these sorts of attackers?  If not, I wouldn't include those directives.

I'm not sure if that answers your question w.r.t. downgrade attacks, but a quick comment on changes between the TLS versions: TLS 1.2 introduces AEAD (authenticated encryption with associated data); these modes are currently the only ones considered secure by academia. For example, 1.1 doesn't support GCM, CCM, etc., so you end up with CBC or RC4, both of which are at the very least broken in lab settings, and these attacks have been improved by quite a bit over the last couple of years, so that might be something to consider. 1.2 also removed MD5 and SHA1 as PRFs and made them configurable in cipher-suites (e.g. SHA256).

Aaron