----- Original Message -----
> From: "Viktor Dukhovni" <[email protected]>
> To: [email protected]
> Sent: Friday, 28 March, 2014 7:49:33 PM
> Subject: Re: Insecure DEFAULT cipher set
>
> On Fri, Mar 28, 2014 at 02:39:17PM -0400, Hubert Kario wrote:
>
> > > As must RC4-SHA1. There are still considerably many Windows XP
> > > and Windows 2003 systems whose strongest working cipher-suite is
> > > RC4-SHA1, and whose 3DES cipher-suite implements broken CBC padding
> > > (perhaps the breakage is in applications rather than the TLS library,
> > > but this is not important).
> >
> > I have not known that XP implementation of 3DES-CBC is broken, can
> > you provide some more info about that?
>
> I've observed and reported (Google for my name and this issue) this
> frequently with Exchange 2003 on Windows 2003 servers, which botches
> 3DES CBC padding. I've heard rumour of similar problems with IIS,
> but have not personally tested this.
>
> I am much more concerned about servers than clients, but it is
> likely that TLS client apps on XP (perhaps Outlook Express, ...)
> also have similar problems.

From what I found through googling I see that the issue was actually
fixed quite a few years ago.

I don't think we should put known weak ciphers in a future version of
openssl's DEFAULT set to work with a software configuration that is not
supported by the vendor right now and won't be supported at all in just
over a year.

And since the current order already puts 3DES before RC4, people that need
to work around this issue already know about it, so even if they update
to a future openssl version, they know the solution. The workaround won't
change.

--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Email: [email protected]
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
