On Tuesday 18 August 2015 17:02:24 Viktor Dukhovni wrote:
> On Tue, Aug 18, 2015 at 06:48:25PM +0200, Hubert Kario wrote:
> > > So what's the final resolution of this? Should we keep or drop
> > > the new PSK RC4 and PSK 3DES codepoints:
> > >     TLS_RSA_PSK_WITH_RC4_128_SHA         RSA-PSK-RC4-SHA
> > >     TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA    RSA-PSK-3DES-EDE-CBC-SHA
> >
> > how do you define "remove"?
> >
> > 1. not part of DEFAULT, part of ALL?
> > 2. part of COMPLEMENTOFALL
> > 3. behind compile time option
> > 4. behind #if 0
> > 5. actually removed from source
> >
> > 1-3 are fine by me, 4 I wouldn't like, I'm against 5
>
> These are brand new cipher suites, never before seen in OpenSSL.

they are brand new only in OpenSSL, not in general

> The argument is that it makes no sense to *add* these, because
> they're already obsolete. So I was hoping for 4 or 5.

If you have a server or a client which needs to interoperate with both
very old systems and new systems, you need both obsolete and modern
ciphers at the same time.

as long as OpenSSL ships support for single DES by default, giving those
ciphers the treatment 4 is... inconsistent... to put it mildly.

> > > On a related note (for those also reading the TLS WG list), any
> > > thoughts on deprecating any or all of the kDHr, kDHd, kECDHr, kECDHe
> > > ciphers?
> >
> > if "deprecate" means 1) or 2), I'm all for it
>
> For these, I'd like to suggest at least 2, but is there any need
> to actually support the underlying static (EC)DH key exchange
> methods? Who needs these? Why work so hard to defeat forward
> secrecy and enable the KCI attacks?
>
> We can lose a bunch of code and attack surface by not supporting
> fixed (EC)DH. Does this code have any users?

I've heard that there are servers which support those exclusively, so
yes, they do have users. But I can't point at an example server as I
haven't seen them in Alexa top 1M.

-- 
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev