Re: Remove Legacy TLS Ciphersuites from Initial Handshake by Default
On 2015-03-14 01:23, kim.da...@safe-mail.net wrote: Is there an agreed timeline for deprecation of the technologies listed in the initial posting? We should be proactive in this field. For example, last month a plan to deploy 12000 devices to medical professionals has been finalised, despite the devices using 1024bit RSA keys - on the grounds that it works in current browsers and will likely keep working for the next 10 years. I am not happy about such outcomes. Whoever thinks that this will keep working for the next 10 years is clearly misinformed. CAs should not be issuing such certificates. If they do, please let us know which CA does that so we can talk to them about revoking them. Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Remove Legacy TLS Ciphersuites from Initial Handshake by Default
Le lundi 16 mars 2015 10:29:08 UTC+1, Kurt Roeckx a écrit : On 2015-03-14 01:23, kim@safe-mail.net wrote: Is there an agreed timeline for deprecation of the technologies listed in the initial posting? We should be proactive in this field. For example, last month a plan to deploy 12000 devices to medical professionals has been finalised, despite the devices using 1024bit RSA keys - on the grounds that it works in current browsers and will likely keep working for the next 10 years. I am not happy about such outcomes. Whoever thinks that this will keep working for the next 10 years is clearly misinformed. CAs should not be issuing such certificates. If they do, please let us know which CA does that so we can talk to them about revoking them. There's nothing in the OP post saying those certificates would be issued under a public CA. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Remove Legacy TLS Ciphersuites from Initial Handshake by Default
On Mon, March 16, 2015 1:06 pm, Erwann Abalea wrote: Phase RSA1024 out? I vote for it. Where's the ballot? :) This is a browser-side change. No ballot required (the only issue *should* be non-BR compliant certificates issued before the BR effective date) https://code.google.com/p/chromium/issues/detail?id=467663 for Chrome, but unfortunately, can't share the user data as widely. Perhaps Mozilla will consider collecting this as part of their telemetry (if they aren't already) This still leaves 'internal CAs' as an open issue. However, we can limit the enforcement to signatures that chain to a trusted CA, significantly reducing the risk to end users of state-sponsored key factoring of 1024-bit keys. Which is certainly a reasonable concern, even for the most paranoid. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Remove Legacy TLS Ciphersuites from Initial Handshake by Default
Ryan Sleevi ryan-mozdevtechcry...@sleevi.com wrote: On Mon, March 16, 2015 1:06 pm, Erwann Abalea wrote: Phase RSA1024 out? I vote for it. Where's the ballot? :) This is a browser-side change. No ballot required (the only issue *should* be non-BR compliant certificates issued before the BR effective date) https://code.google.com/p/chromium/issues/detail?id=467663 for Chrome, but unfortunately, can't share the user data as widely. Perhaps Mozilla will consider collecting this as part of their telemetry (if they aren't already) The Fx telemetry is https://bugzilla.mozilla.org/show_bug.cgi?id=1049740 and the Fx bug for removing support for 2048-bit certificates is https://bugzilla.mozilla.org/show_bug.cgi?id=1137484. Cheers, Brian -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Remove Legacy TLS Ciphersuites from Initial Handshake by Default
On Mon, March 16, 2015 10:24 am, Erwann Abalea wrote: Le lundi 16 mars 2015 10:29:08 UTC+1, Kurt Roeckx a écrit : On 2015-03-14 01:23, kim@safe-mail.net wrote: Is there an agreed timeline for deprecation of the technologies listed in the initial posting? We should be proactive in this field. For example, last month a plan to deploy 12000 devices to medical professionals has been finalised, despite the devices using 1024bit RSA keys - on the grounds that it works in current browsers and will likely keep working for the next 10 years. I am not happy about such outcomes. Whoever thinks that this will keep working for the next 10 years is clearly misinformed. CAs should not be issuing such certificates. If they do, please let us know which CA does that so we can talk to them about revoking them. There's nothing in the OP post saying those certificates would be issued under a public CA. My goal is to phase these out in Chrome by the end of the year. We have ample evidence that suggests this is reasonable. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Remove Legacy TLS Ciphersuites from Initial Handshake by Default
Le lundi 16 mars 2015 19:47:30 UTC+1, Ryan Sleevi a écrit : On Mon, March 16, 2015 10:24 am, Erwann Abalea wrote: Le lundi 16 mars 2015 10:29:08 UTC+1, Kurt Roeckx a écrit : On 2015-03-14 01:23, kim@safe-mail.net wrote: Is there an agreed timeline for deprecation of the technologies listed in the initial posting? We should be proactive in this field. For example, last month a plan to deploy 12000 devices to medical professionals has been finalised, despite the devices using 1024bit RSA keys - on the grounds that it works in current browsers and will likely keep working for the next 10 years. I am not happy about such outcomes. Whoever thinks that this will keep working for the next 10 years is clearly misinformed. CAs should not be issuing such certificates. If they do, please let us know which CA does that so we can talk to them about revoking them. There's nothing in the OP post saying those certificates would be issued under a public CA. My goal is to phase these out in Chrome by the end of the year. We have ample evidence that suggests this is reasonable. Phase RSA1024 out? I vote for it. Where's the ballot? :) -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto