"Nelson B. Bolyard" wrote:
> The SSL3 and TLS protocols have the client send a list of the ciphersuites
> it (the client) supports to the server.  This list provides no means to
> indicate that some ciphersuites are supported only in one version but not
> another (e.g. in SSL3, not TLS).  So, in effect, a client that supports TLS
> and SSL3 must support any SSL3/TLS ciphersuite in both SSL3 and TLS.

OK, I see what you're getting at here. However unless I'm missing
something, for TLS a FIPS ciphersuite would simply map directly to the
non-FIPS ciphersuite; i.e., if a FIPS-aware server saw a request for
SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA on a TLS connection then it would
simply interpret it as meaning the same thing as
SSL_RSA_WITH_3DES_EDE_CBC_SHA. 

> Now that we support TLS, it is my opinion that we should drop the old
> proprietary "FIPS" ciphersuites ASAP.

I agree in principle, assuming that the servers on the other side
support TLS as well. (I haven't kept up with the development of the
iPlanet servers, so I don't know where they are with regard to TLS
support in the released versions.) Also, there are two ways to "drop"
the FIPS ciphersuite: They could be removed entirely, or they could
be removed only from the UI, but still available "underneath" (say by a
pref). The latter might be considered as an interim migration strategy,
prior to totally removing support.

> TLS with DES is FIPS compliant
> without any additional special ciphersuites.  The "FIPS" ciphersuites
> were meant to be only a temporary measure until such time as we implemented
> TLS, which we have now done.

Correct, eliminating the FIPS ciphersuites is the goal, although as I
understand it there is at least in theory a migration issue. As long as
there are servers deployed that support the FIPS ciphersuites but don't
support TLS, then there is the possibility that a client would encounter
a server that has the FIPS ciphersuites enabled but not the non-FIPS
ciphersuites, and doesn't support TLS either. If the client didn't have
FIPS ciphersuite support at all (i.e., it had been completely removed
per your suggestion) then it would fail to connect to this server, no?
And if the user couldn't get the server administrators to change the
configuration then they would be SOL. I admit that this is a very
low-probability scenario, not least because such a server would also
reject IE clients; also, when I was more directly involved in this issue
I don't in fact remember anyone configuring their servers this way.

So the bottom line is that I can definitely see removing FIPS
ciphersuites from the UI, so that the user doesn't see them; I'm more
undecided on whether it makes sense to completely remove support at this
time. However in any case this is no longer a decision that I personally
have any stake in, so do what you will.

Frank
-- 
Frank Hecker            work: http://www.collab.net/
[EMAIL PROTECTED]        home: http://www.hecker.org/
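
The migration scenario discussed in this message, as an added example that is not part of the original message or of any NSS code. It models the three client options (FIPS suites enabled, hidden behind a pref that is off, removed entirely) against constructed server configurations; the suite names come from the thread, and all function names, the pref and the selection rule are assumptions.

```python
# Added illustration: a constructed model of ciphersuite selection.
# Suite names are from the thread; every other name here is hypothetical.
FIPS_3DES = "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"
STD_3DES = "SSL_RSA_WITH_3DES_EDE_CBC_SHA"
VERSIONS = ["SSL3", "TLS"]  # oldest to newest

def make_client(fips_compiled_in, fips_pref=False):
    """Client supporting SSL3 and TLS. The FIPS suite is offered only when
    the code is still present AND the (hypothetical) pref enables it."""
    suites = [STD_3DES]
    if fips_compiled_in and fips_pref:
        suites.insert(0, FIPS_3DES)
    return {"versions": {"SSL3", "TLS"}, "suites": suites}

def negotiate(client, server):
    """Return (version, suite), or None when the handshake would fail."""
    shared = [v for v in VERSIONS
              if v in client["versions"] and v in server["versions"]]
    if not shared:
        return None
    version = shared[-1]  # highest version both sides speak
    # The hello carries one flat suite list with no per-version marking,
    # so the same list is searched whichever version was chosen.
    # Assumption: the first client-preferred suite the server has wins.
    for suite in client["suites"]:
        if suite in server["suites"]:
            return version, suite
    return None

# Constructed server configurations.
LEGACY_FIPS_ONLY = {"versions": {"SSL3"}, "suites": {FIPS_3DES}}
TLS_STANDARD = {"versions": {"SSL3", "TLS"}, "suites": {STD_3DES}}
TLS_FIPS_AWARE = {"versions": {"SSL3", "TLS"}, "suites": {FIPS_3DES, STD_3DES}}

def migration_matrix():
    clients = {
        "fips_enabled": make_client(True, True),
        "fips_hidden_pref_off": make_client(True, False),
        "fips_removed": make_client(False),
    }
    servers = {"legacy_fips_only": LEGACY_FIPS_ONLY,
               "tls_standard": TLS_STANDARD,
               "tls_fips_aware": TLS_FIPS_AWARE}
    return {(c, s): negotiate(cv, sv)
            for c, cv in clients.items() for s, sv in servers.items()}

if __name__ == "__main__":
    for pair, result in migration_matrix().items():
        print(pair, "->", result)
```

Only the legacy FIPS-only SSL3 server distinguishes the options: it connects when the FIPS suite is offered and fails otherwise, while the FIPS-aware TLS server shows the same suite being selected under TLS because the list carries no version marking.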
