IETF Logo Mail Archive

Re: [Uta] On prohibiting RC4

Franck Martin <franck@peachymango.org> Fri, 07 March 2014 19:56 UTC

Return-Path: <franck@peachymango.org>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 541021A014D for <uta@ietfa.amsl.com>; Fri, 7 Mar 2014 11:56:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cElvaVtce3J4 for <uta@ietfa.amsl.com>; Fri, 7 Mar 2014 11:56:29 -0800 (PST)
Received: from smtp.01.com (smtp.01.com [199.36.142.181]) by ietfa.amsl.com (Postfix) with ESMTP id BC4DD1A00C2 for <uta@ietf.org>; Fri, 7 Mar 2014 11:56:29 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by smtp-out-2.01.com (Postfix) with ESMTP id 3A2354F7139; Fri, 7 Mar 2014 13:56:25 -0600 (CST)
X-Virus-Scanned: amavisd-new at smtp-out-2.01.com
Received: from smtp.01.com ([127.0.0.1]) by localhost (smtp-out-2.01.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8jAKoADAmc5L; Fri, 7 Mar 2014 13:56:25 -0600 (CST)
Received: from smtp.01.com (localhost [127.0.0.1]) by smtp-out-2.01.com (Postfix) with ESMTP id 1C6F04F713C; Fri, 7 Mar 2014 13:56:25 -0600 (CST)
Received: from localhost (localhost [127.0.0.1]) by smtp-out-2.01.com (Postfix) with ESMTP id 06EAC4F713A; Fri, 7 Mar 2014 13:56:25 -0600 (CST)
X-Virus-Scanned: amavisd-new at smtp-out-2.01.com
Received: from smtp.01.com ([127.0.0.1]) by localhost (smtp-out-2.01.com [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 9Qx_cRL10rHj; Fri, 7 Mar 2014 13:56:24 -0600 (CST)
Received: from mail-2.01.com (mail.01.com [172.18.30.178]) by smtp-out-2.01.com (Postfix) with ESMTP id D9D914F7139; Fri, 7 Mar 2014 13:56:24 -0600 (CST)
Date: Fri, 07 Mar 2014 13:56:24 -0600
From: Franck Martin <franck@peachymango.org>
To: Andrei Popov <Andrei.Popov@microsoft.com>
Message-ID: <1225650033.164758.1394222184480.JavaMail.zimbra@peachymango.org>
In-Reply-To: <WM!8ae0f44896145d148325458bc1d09e5fa1d57000e9ca80f0be357d892e7a05dd87da8c1363687a88bb1f59efd9b6d741!@asav-2.01.com>
References: <2A0EFB9C05D0164E98F19BB0AF3708C711FB9AAD73@USMBX1.msg.corp.akamai.com> <5319AF96.7000407@akr.io> <2A0EFB9C05D0164E98F19BB0AF3708C711FB9AADD7@USMBX1.msg.corp.akamai.com> <147c6c280e2044ac97624762410872ff@BL2PR03MB419.namprd03.prod.outlook.com> <WM!8ae0f44896145d148325458bc1d09e5fa1d57000e9ca80f0be357d892e7a05dd87da8c1363687a88bb1f59efd9b6d741!@asav-2.01.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [69.28.149.129]
X-Mailer: Zimbra 8.0.5_GA_5839 (ZimbraWebClient - FF27 (Mac)/8.0.5_GA_5839)
Thread-Topic: [Uta] On prohibiting RC4
Thread-Index: Ac8564QKs0rdCOVSTiywj6IZRlSaLAADiv8AAAJlVQAADIaAwD2m4W5A
Archived-At: http://mailarchive.ietf.org/arch/msg/uta/rdRwmXCP81EZYcaX1_-2wVuTbo0
Cc: Alyssa Rowan <akr@akr.io>, Rich Salz <rsalz@akamai.com>, uta@ietf.org
Subject: Re: [Uta] On prohibiting RC4
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Mar 2014 19:56:31 -0000

----- Original Message -----
> From: "Andrei Popov" <Andrei.Popov@microsoft.com>
> To: "Rich Salz" <rsalz@akamai.com>, "Alyssa Rowan" <akr@akr.io>, uta@ietf.org
> Sent: Friday, March 7, 2014 7:22:46 PM
> Subject: Re: [Uta] On prohibiting RC4
> 
> > It depends on what you're concerned about.  From a global view, I'm
> > concerned about perpass. From a commercial view, I'm perhaps more worried
> > about my customers getting through to me.
> 
> Are you dealing with a significant number of RC4-only TLS clients? When we
> tried to disable RC4 altogether here at MS, the issues we ran into were
> mostly with the TLS servers that would not speak anything but RC4 (not just
> web servers, but other applications such as e-mail). We were nevertheless
> able to have IE not offer RC4 on the initial connection attempt.
> 
> If adopted, the RC4 deprecation draft would hopefully send a strong message
> to the industry and help us phase out RC4 sooner.
> 
I have not dived into this selection process yet, but I see RC4 a lot in SMTP.

I think the problem is in ciphersuite selection, it is the client that propose a list of ciphers and the server that picks the one it likes. The whole selection process seems not standardized or with little control settings.

Is someone making (or has already done) a standard to select ciphersuites, and can they rank the ciphersuites across 2 dimensions: speed, strength?

It seems openssl allows you to select the cipher list in an ordered fashion:
https://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT
"Include only 3DES ciphers and then place RSA ciphers last: openssl ciphers -v '3DES:+RSA'"

What the string should be? How hard is it to manage this string and keep it up to date? Can this work group (or the TLS one) provide some regular advice?

"the cipher string @STRENGTH can be used at any point to sort the current cipher list in order of encryption algorithm key length."
Seems to me we need the sort to be in the opposite direction from strong to weak...

That's openssl, what about gnuTLS?

There is a great deal of configuration in postfix on this subject, but basically it relies on openssl point of view:
http://www.postfix.org/TLS_README.html#server_cipher

This should not be rocket science for most postmasters.

Then, we can place RC4 last for opportunistic TLS and eventually deprecate it.

v2.23.0 | Report a Bug | By Email