Re: [Uta] [art] Artart last call review of draft-ietf-uta-rfc7525bis-09

Peter Gutmann <pgut001@cs.auckland.ac.nz> Wed, 03 August 2022 06:07 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Peter Saint-Andre <stpeter@stpeter.im>, Cullen Jennings <fluffy@iii.ca>
CC: "draft-ietf-uta-rfc7525bis.all@ietf.org" <draft-ietf-uta-rfc7525bis.all@ietf.org>, "art@ietf.org" <art@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "uta@ietf.org" <uta@ietf.org>
Date: Wed, 03 Aug 2022 06:07:15 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/ltlG4q65wMB-DvuEmgJItiN_7qo>

Peter Saint-Andre <stpeter@stpeter.im> writes:

>Hi Cullen, having looked more closely at the text that's already in 7525bis,
>I have a few questions inline...

Me too, specifically in regard to the "DHE negotiation is broken" comment.
The draft says:

      However, TLS 1.2 implementations SHOULD
      NOT negotiate cipher suites based on ephemeral finite-field
      Diffie-Hellman key agreement (i.e., "TLS_DHE_*" suites).  This is
      justified by the known fragility of the construction (see
      [RACCOON])

Raccoon relies on reuse of ephemeral values.  If a DH*Ephemeral*
implementation reuses the ephemeral values it's not TLS_DHE_whatever any more,
it's TLS_DH_whatever. So this isn't a valid criticism of DHE, since it's not
DHE.

It's really not that hard to do DHE properly.  The solution isn't to throw out
all use of DHE [0] but to specify what to do to avoid doing DHE badly.

Peter.

[0] A problem all too common in crypto protocols, instead of specifying a few
    simple steps to fix this one we'll throw the whole thing out and invent a
    completely new one, and start again from scratch with a new set of flaws 
    to discover over time.
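
The distinction drawn in the message above, between a DHE server that generates a fresh value per handshake and one that reuses it, can be checked from the wire. This is an added example, not part of the original message or of the draft: it parses the TLS 1.2 ServerDHParams structure (three 16-bit length-prefixed integers: dh_p, dh_g, dh_Ys) and flags any dh_Ys seen in more than one handshake. The `DheServer` class, the function names and the small modulus are assumptions made for the demonstration.

```python
import secrets
import struct
from collections import Counter

# Constructed toy group for the demo only; far too small for real use.
P, G = 2**127 - 1, 3

def _vec(n):
    """Encode an integer as a TLS opaque<1..2^16-1> vector."""
    raw = n.to_bytes((n.bit_length() + 7) // 8 or 1, "big")
    return struct.pack("!H", len(raw)) + raw

def encode_server_dh_params(p, g, ys):
    return _vec(p) + _vec(g) + _vec(ys)

def parse_server_dh_params(buf):
    """Return (dh_p, dh_g, dh_Ys) from the start of a ServerKeyExchange body."""
    fields, off = [], 0
    for _ in range(3):
        if off + 2 > len(buf):
            raise ValueError("truncated length prefix")
        (n,) = struct.unpack_from("!H", buf, off)
        off += 2
        if n == 0 or off + n > len(buf):
            raise ValueError("bad field length")
        fields.append(int.from_bytes(buf[off:off + n], "big"))
        off += n
    return tuple(fields)

class DheServer:
    """Hypothetical server; reuse_exponent=True models the cached-value behaviour."""
    def __init__(self, reuse_exponent):
        self.reuse_exponent, self._x = reuse_exponent, None
    def server_key_exchange(self):
        if self._x is None or not self.reuse_exponent:
            self._x = secrets.randbelow(P - 3) + 2  # fresh secret exponent
        return encode_server_dh_params(P, G, pow(G, self._x, P))

def reused_public_values(captures):
    """Map each dh_Ys that appears in more than one handshake to its count."""
    counts = Counter(parse_server_dh_params(c)[2] for c in captures)
    return {ys: n for ys, n in counts.items() if n > 1}

def audit(server, handshakes=20):
    return reused_public_values([server.server_key_exchange() for _ in range(handshakes)])
```

An empty result from `audit` means every sampled handshake carried a distinct dh_Ys; a non-empty one means the server under test is behaving as static DH despite negotiating a DHE suite.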