On Wed, 24 Aug 2016 19:08:02 -0700 Tony Arcieri <basc...@gmail.com> wrote:
> Should there be a 3DES "diediedie"?

I think a 3des diediedie rfc would be a good idea.

I was wondering yesterday whether I should disable 3des on my servers. I'd likely exclude a small portion of my visitors for a very small security gain. Having a diediedie rfc would indicate that a significant portion of the net agrees that we want to hard-deprecate 3des. I'd feel more comfortable disabling it on my servers if I know that a reasonable number of other servers will do the same thing, because users with a 3des/rc4-only browser will not only see failures on my site, they will see failures all the time and will be forced to switch.

Forcing them to switch is also probably almost always a good thing. Even users who are stuck on Windows XP for whatever reason probably have better options than sticking to the builtin IE - e.g. they can use Firefox, which is still supporting XP and offers modern ciphers.

Apart from that more operational argument, as far as I can see the attack scenarios for RC4 and 3DES are in the same ballpark of complexity. Not very practical, but practical enough to make us feel uneasy, because we want TLS to provide reasonable protection even against unlikely scenarios. We decided to deprecate RC4 with an RFC, so it seems logical to deprecate 3DES as well.

(While we are at it: I'm not sure, do we have any official RFC deprecating the even older ciphers - Single-DES, RC2 etc. - yet? We could just stuff that in.)

-- 
Hanno Böck
https://hboeck.de/

mail/jabber: ha...@hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
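The operational question in the message above is how to find out whether a server still offers 3DES (or the older RC4, single-DES and RC2 families) and how to turn them off without a later library default quietly re-enabling them. The following is an added illustration, not code from the thread or from any of the participants: it audits a list of cipher-suite names for those legacy families, checks which of them the local OpenSSL build still enables by default, and builds an explicit OpenSSL cipher string that excludes them. The suite-name patterns (OpenSSL "DES-CBC3" for 3DES, IANA "3DES_EDE" and so on) and the sample suite list are assumptions constructed for the example.

```python
"""Audit cipher-suite names for legacy bulk ciphers (RC4, 3DES, DES, RC2)
and build an OpenSSL cipher string that explicitly excludes them.

Added example; not from the mailing-list thread. Requires Python 3.6+
(for SSLContext.get_ciphers()).
"""
import re
import ssl

# Assumed naming conventions: OpenSSL names use "-" (e.g. DES-CBC3-SHA),
# IANA names use "_" (e.g. TLS_RSA_WITH_3DES_EDE_CBC_SHA). Separators are
# required around each token so "DES-CBC3" is not mistaken for single DES.
LEGACY_PATTERNS = {
    "RC4": re.compile(r"(^|[-_])RC4([-_]|$)"),
    "3DES": re.compile(r"(^|[-_])(DES[-_]CBC3|3DES)([-_]|$)"),
    "DES": re.compile(r"(^|[-_])DES[-_]CBC([-_]|$)"),
    "RC2": re.compile(r"(^|[-_])RC2([-_]|$)"),
}

# Constructed sample: what a scanner might report a server offering.
SAMPLE_SUITES = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-CHACHA20-POLY1305",
    "ECDHE-RSA-DES-CBC3-SHA",
    "DES-CBC3-SHA",
    "RC4-SHA",
    "DES-CBC-SHA",
    "RC2-CBC-MD5",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
]


def legacy_algorithm(suite_name):
    """Return the legacy algorithm family a suite uses, or None."""
    for algo, pattern in LEGACY_PATTERNS.items():
        if pattern.search(suite_name):
            return algo
    return None


def audit(suite_names):
    """Split suites into (kept, flagged); flagged is [(name, family), ...]."""
    kept, flagged = [], []
    for name in suite_names:
        family = legacy_algorithm(name)
        if family:
            flagged.append((name, family))
        else:
            kept.append(name)
    return kept, flagged


def hardened_cipher_string(base="HIGH"):
    """Start from `base` and explicitly remove the legacy families.

    The negations are listed even though HIGH may already exclude some of
    them, so a different OpenSSL build's idea of HIGH cannot re-add them.
    """
    return ":".join([base, "!aNULL", "!eNULL",
                     "!RC4", "!3DES", "!DES", "!RC2", "!MD5"])


def legacy_suites_enabled_by(cipher_string=None):
    """Suites the local OpenSSL build enables under `cipher_string`
    (or its defaults when None) that use a legacy family."""
    ctx = ssl.create_default_context()
    if cipher_string is not None:
        ctx.set_ciphers(cipher_string)
    return [(c["name"], legacy_algorithm(c["name"]))
            for c in ctx.get_ciphers() if legacy_algorithm(c["name"])]


if __name__ == "__main__":
    kept, flagged = audit(SAMPLE_SUITES)
    for name, family in flagged:
        print("flag  %-35s %s" % (name, family))
    print("default context legacy suites:", legacy_suites_enabled_by())
    print("hardened string:", hardened_cipher_string())
    print("legacy suites after hardening:",
          legacy_suites_enabled_by(hardened_cipher_string()))
```

Running it prints which of the sample suites are flagged and which family each belongs to, then shows whether the local OpenSSL defaults still include any legacy suite and confirms that the hardened string leaves none. The same `audit()` can be fed the output of a TLS scanner to see what a server currently negotiates before its configuration is changed.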
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls