Re: [Uta] Fwd: New Version Notification for draft-ietf-uta-tls-bcp-05.txt

Tue, 21 Oct 2014 19:20:39 -0700 

On 10/14/14, 1:36 PM, Viktor Dukhovni wrote:

On Tue, Oct 14, 2014 at 05:59:13PM +0300, Yaron Sheffer wrote:


Thanks for your comments!

I agree we SHOULD tone down a few of the requirements, to make sure we do
accommodate the opportunistic use case.


Thanks.
I would rather throw out the opportunistic use case completely than dumb down this BCP. 


OTOH I agree with Aaron on (for example) still forbidding export-level
ciphers.


Absolutely on board for export-grade ciphers, since they are in
practice no longer in use.  So banning them has no operational impact.
That's an awfully low bar for a BCP: ban things that have no operational impact. 


I may not be able to convince Wietse that Postfix should default
to disabling these, but I have no objections to a draft that states
that these MUST NOT be used.


We all should compromise a little bit so that we can have a single BCP for
both the authenticated and unauthenticated use cases.


Understood.  There is room to state stronger requirements for
mandatory TLS and somewhat more liberal requirements for unauthenticated
opportunistic TLS (already vulnerable to many active attacks).
It is possible that we can do that, but Viktor your very long and detailed messages about the opportunistic use case are difficult to absorb and then incorporate into the base BCP. Speaking as an author of draft-ietf-uta-tls-bcp, I would much prefer that you write a very thorough OE/OS BCP in the way that only you can do, rather than try to address every point that you raise in these long email threads. 

Quick win!


E.g.:

     * Mandatory TLS MUST NOT use RC4, SSL 3.0, ...

     * Unauthenticated opportunistic TLS MAY only as a last resort,
       when no stronger options are available, negotiate RC4, SSL 3.0, ...

[ Note that when opportunistic DANE TLS determines via appropriate
   TLSA records that the peer is to be authenticated with DANE, the
   applicable requirements are those for mandatory TLS. ]
IMHO DANE is out of scope for this document. It's forward-looking and is being address by the DANE WG.
Future documents (OE/OS, DANE, etc.) can always update the base BCP for TLS+PKI. 

If we don't scope this work carefully, we'll never finish.

Peter

--
Peter Saint-Andre
https://andyet.com/

_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta

Reply via email to