- From: Doyle, Bill <wdoyle@mitre.org>
- Date: Thu, 17 Jul 2008 10:25:35 -0400
- To: "Thomas Roessler" <tlr@w3.org>
- Cc: <stephen.farrell@cs.tcd.ie>, <pbaker@verisign.com>, <johnath@mozilla.com>, <yngve@opera.com>, <public-wsc-wg@w3.org>
Although I realize that more information exists in the current TLS/SSL specification including cipher strength, key length and actual cipher, Thomas did the best that we can do binding WSC strong TLS algorithms to a standard. It would be great if IETF added more information to the cipher groupings to support IA I also feel that IA needs to be bound to a standards body effort. So, although other mechanisms and programs exist to determine IA strength of certificates, I will agree with the definition of Strong TLS algorithms as currently written. Bill D. -----Original Message----- From: Thomas Roessler [mailto:tlr@w3.org] Sent: Monday, July 14, 2008 2:56 PM To: Doyle, Bill Cc: stephen.farrell@cs.tcd.ie; pbaker@verisign.com; johnath@mozilla.com; yngve@opera.com; public-wsc-wg@w3.org Subject: Re: ACTION-426: strong and weak TLS algorithms(incorporateISSUE-128text) We're referencing A.5 from seciton 5.2: http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#typesoftls >When this document speaks of [Definition: Strong TLS algorithms], >then the following must hold: > > 1. No version of the TLS protocol that suffers known security > flaws has been negotiated. At the point of writing of this > document, versions of SSL prior to SSLv3 [SSLv3] MUST NOT be > considered strong. > > 2. A cipher suite has been selected for which key and algorithm > strengths correspond to industry practice. At the time of writing > of this document, the "export" cipher suites explicitly forbidden > in appendix A.5 of [TLSv11] MUST NOT be considered strong. Regards, -- Thomas Roessler, W3C <tlr@w3.org> On 2008-07-14 14:51:43 -0400, Bill Doyle wrote: > From: "Doyle, Bill" <wdoyle@mitre.org> > To: Thomas Roessler <tlr@w3.org> > Cc: stephen.farrell@cs.tcd.ie, pbaker@verisign.com, johnath@mozilla.com, > yngve@opera.com, public-wsc-wg@w3.org > Date: Mon, 14 Jul 2008 14:51:43 -0400 > Subject: RE: ACTION-426: strong and weak TLS algorithms (incorporateISSUE-128text) > X-Spam-Level: > X-Bogosity: Unsure, tests=bogofilter, spamicity=0.491070, version=1.1.6 > > This is really quite late response but in looking at > > Network Working Group T. > Dierks > Request for Comments: 4346 > Independent > Obsoletes: 2246 E. > Rescorla > Category: Standards Track RTFM, > Inc. > April > 2006 > > > The Transport Layer Security (TLS) Protocol > Version 1.1 > > > Appendix 5 notes ciphersuite definitions that are not considered secure > > http://tools.ietf.org/html/rfc4346#appendix-A.5 > > > > -----Original Message----- > From: Thomas Roessler [mailto:tlr@w3.org] > Sent: Wednesday, June 11, 2008 2:08 PM > To: Doyle, Bill > Cc: stephen.farrell@cs.tcd.ie; pbaker@verisign.com; > johnath@mozilla.com; yngve@opera.com; public-wsc-wg@w3.org > Subject: Re: ACTION-426: strong and weak TLS algorithms > (incorporateISSUE-128text) > > For context: > http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#def-strong-algos > > On 2008-06-11 13:46:06 -0400, Bill Doyle wrote: > > > I like it - > > Thanks. > > > SSLv3 is deprecated - supported ciphers are no longer strong enough, > > industry moves forward. > > I'm happy to add this one to the list of things that you really must > not consider strong. Which brings me to another point: It's > probably worth using RFC 2119 verbiage when we enumerate what's > considered weak or strong. I've made that change in the latest > version, and would actually be tempted to change this further to say > that: > > SSLv3 SHOULD NOT be considered strong. > > I also wonder if it's worth saying a word about MD5-based certs. > > > Is the IETF grouping ciphers in a way that enables weak ciphers to be > > noted? Export grade is easy, not sure about others. > > Not that I'd know. > > Cheers, > -- > Thomas Roessler, W3C <tlr@w3.org> > >
Received on Thursday, 17 July 2008 14:27:23 UTC