On 07 Aug 2015, at 06:14, Viktor Dukhovni <postfix-us...@dukhovni.org> wrote:

> On Fri, Aug 07, 2015 at 02:55:42AM +0200, DTNX Postmaster wrote:
> 
>> For most systems, monitoring the status of their encryption just isn't 
>> done at all; they use the defaults their device or server came with at 
>> the time they purchased it, and rarely keep up with the times.
> 
> They don't need to.  There's nothing wrong with outdated crypto on
> systems that wouldn't even encrypt if encryption weren't on by
> default.  We'll get more decent security through a natural process
> of deployment of more capable systems and retirement of less capable
> systems.  Eventually, there'll be no demand for RC4 (for example),
> and we'll be able to turn it off with no noticeable degradation to
> cleartext.  Later still (another ~5 years?) we'll be able to turn
> off TLS 1.0...

Except when they DO need to; Microsoft, for example, has shipped 
Schannel with horrid defaults for a long time, which affects not just 
SMTP, but also the authenticated users on those systems. Many of those 
are not kept up to date, which leads to servers that actually support 
TLSv1.2, but offer only SSLv2, SSLv3 and TLSv1 in practice, with a 
suboptimal set of ciphers. Because it's turned off by default.

Arguing that these systems do not need to be maintained until they are 
replaced does us all a disservice. The era of Set and Forget is over; 
if you connect something to the Internet, maintain it as long as it has 
that connection.

Kind regards,
Joni
