Comments on Mandatory Ciphers and a Proposal
Let me make some comments on what it means to be "mandatory to
implement." I have been reading the list archive (though I have yet to
read every message on this subject) and have found some common
misconceptions.

o The purpose of mandatory to implement algorithms/protocols is to
ensure that two independently implemented versions of an IETF protocol
specification will be able to communicate with each other.

o The "Danvers Doctrine" (I like that name) simply stated that the
IETF should standardize on the best security technology and should not
"dumb down" a version because of some country's export control
rules. If a company believes that it is being hurt in the marketplace
by its country's export control laws, it should take that subject up
with its government and not demand that the IETF change our standards
to accommodate that government.

Although I have not done a scientific study, it appears
that this doctrine is supported overwhelmingly by USERS of the
technology. Heck, people want the best stuff they can. It is less
supported by implementers as they are the ones who feel the market
pressure from foreign competitors.

Mandatory to implement means that a protocol implementor MUST
implement the mandatory portion of the specification. It does *NOT*
require that end-users use that portion. In other words we are *not*
demanding that all users of TLS use 3DES (or DES), we are just saying
that implementers MUST give them the option to in compliant products.

I would be willing to buy into the following compromise (of
course before this would be approved by the IESG, the rest of the IESG
would have to buy in as well):

Have: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA *and*
      TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA

as mandatory (along with the anonymous variants as well, for a total
of four cipher suites in all. In fact this is the same set that Tim
Dierks proposes as "SHOULDs" in his message).

In this fashion a U.S. company (assuming that 3DES is not
exportable) would *not* be able to distribute broadly overseas a fully
compliant version of TLS (sorry). However if they only remove 3DES but
leave DES40 available, they will be able to interoperate with
compliant versions because the compliant versions will still have to
support DES40. Of course the compliant version's user may decide to
inhibit connections using that cipher suite, but it will be the
end-user's choice.

What do people think? (Note: I can only devote a limited
bandwidth to this discussion...).

-Jeff
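The interoperability outcome of the proposal above can be worked through as a cipher-suite negotiation. This is an added example, not part of the original message. Assumptions: the "anonymous variants" are read as the DH_anon counterparts, code points are taken from the TLS 1.0 specification (RFC 2246), and the server is assumed to honour the client's preference order.

```python
import struct

# The two suites named in the message, plus the assumed anonymous variants.
SUITES = {
    0x0013: "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
    0x0011: "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
    0x001B: "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",      # assumption
    0x0019: "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA",  # assumption
}
MANDATORY = frozenset(SUITES)
EXPORT_ONLY = frozenset({0x0011, 0x0019})  # what is left once 3DES is removed

def is_compliant(implemented):
    """Compliance depends on what is implemented, not on what a user enables."""
    return MANDATORY <= set(implemented)

def encode_cipher_suites(offered):
    """ClientHello cipher_suites vector: 2-byte length, then 2-byte ids."""
    body = b"".join(struct.pack("!H", s) for s in offered)
    return struct.pack("!H", len(body)) + body

def decode_cipher_suites(wire):
    if len(wire) < 4:
        raise ValueError("cipher_suites vector too short")
    (length,) = struct.unpack_from("!H", wire)
    if length % 2 or length != len(wire) - 2:
        raise ValueError("malformed cipher_suites vector")
    return [s for (s,) in struct.iter_unpack("!H", wire[2:])]

def server_select(wire, implemented, user_disabled=()):
    """Return the first client-preferred suite the server implements and the
    end user has not disabled; None means a handshake_failure alert."""
    allowed = set(implemented) - set(user_disabled)
    for suite in decode_cipher_suites(wire):
        if suite in allowed:
            return suite
    return None

if __name__ == "__main__":
    full = [0x0013, 0x001B, 0x0011, 0x0019]   # constructed: compliant build
    export = [0x0011, 0x0019]                 # constructed: 3DES removed
    hello = encode_cipher_suites(export)
    for label, disabled in (("DES40 allowed", ()), ("DES40 disabled", EXPORT_ONLY)):
        choice = server_select(hello, full, disabled)
        print(label, "->", SUITES.get(choice, "handshake_failure"))
```
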