Re: [TLS] draft-dkg-tls-reject-static-dh

Fri, 07 Dec 2018 21:22:05 -0800 

Daniel Kahn Gillmor <d...@fifthhorseman.net> writes:

>> [0] "In principal" because there's a fair bit of SCADA gear that does this
>>     because it doesn't have the CPU power to generate new DHE values, as I 
>>     found out when I turned on non-DHE checking some years ago.
>
>Is this SCADA gear running TLS 1.3?  is it clients and servers both, or just
>one or the other?  When was this scan done?  i'd love to see more
>documentation about this practice.

No, it'd be mostly 1.0, moving slowly to 1.2 at some stage (I spend a fair
chunk of yesterday debugging a handshake failure that turned out to be the
fact that the current, most-recent release of the code in a fairly significant
code base can't understand anything newer than TLS 1.0).  It wasn't a rigorous
scan, it just got enabled for a new release and then there were enough
complaints about it breaking things that it got removed again.

I don't really know if it's possible to do any kind of useful survey of the
SCADA environment because most of it is invisible to the public internet, you
just try various things on a small basis and if no-one complains, push it out
to more and more users and hope you don't get complaints.  Sometimes things
break, for example within the last month we had a customer who thought "USA"
was a valid ISO 3166 country code:

231  12:       SET {
233  10:         SEQUENCE {
235   3:           OBJECT IDENTIFIER countryName (2 5 4 6)
240   3:           PrintableString 'USA'
       :           }
       :         }

Since no-one seems to check whether the C= component in a DN is a valid
country or even looks like a valid C= component, it hadn't been noticed
before.  No idea what would have ended up in there if they were in Saint
Vincent and the Grenadines or the Federated States of Micronesia.

Anyway, I don't have any real data, just that it was common enough that we had
to remove the check again.  When I talk about SCADA stuff and it sounds rather
anecdotal that's because it usually is, you enable a new feature and if you
don't get complaints, leave it enabled, but that's as far as it goes in terms
of coverage.

Peter.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Reply via email to