> On Aug 24, 2016, at 10:34 PM, Tony Arcieri <[email protected]> wrote: > > I am particularly interested in 3DES's usage in TLS, given its previous MTI > status in TLS, and because it was until very recently included in the OpenSSL > "DEFAULT" ciphersuite list.
For the record, it is only removed from the "DEFAULT" ciphersuite list in tomorrow's (US/Eastern, today already for folks in Europe) 1.1.0 release. In the 1.0.x releases it will change from "HIGH" to "MEDIUM", but remains in "DEFAULT". Users who elect just "HIGH" ciphers will not use 3DES, but those who go with "DEFAULT" or explicitly include "MEDIUM" will generally continue to enable 3DES as a low preference ciphersuite. https://www.openssl.org/blog/blog/2016/08/24/sweet32/ My personal take is quoted in: http://arstechnica.com/security/2016/08/new-attack-can-pluck-secrets-from-1-of-https-traffic-affects-top-sites/ "We're not making a fuss about the 3DES issue, and rating it 'LOW'," Dukhovni wrote. "The 3DES issue is of little practical consequence at this time. It is just a matter of good hygiene to start saying goodbye to 3DES." I am not opposed to a "diediedie" RFC, if that is likely to be helpful. For TLS, this ciphersuite is already comparatively rare, and perhaps its disappearance will not be sped up by a "diediedie" RFC? Would an RFC help to prod vendors into action more than the already published findings? Would our collective energies be better focused on other, more pressing goals? -- Viktor. _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
