On Fri, Dec 4, 2015 at 1:17 PM Hubert Kario <hka...@redhat.com> wrote:
> On Friday 04 December 2015 00:52:08 Hanno Böck wrote:
> > * Fully deprecate RSA key exchange.
> > The compatibility costs of this one are high. They are even higher
> > considering the fact that chrome wants to deprecate dhe and use rsa as
> > their fallback for hosts not doing ecdhe. ecdhe implementations
> > weren't widespread until quite recently. A lot of patent foo has e.g.
> > stopped some linux distros from shipping it.
>
> Then maybe Chrome should reconsider.
>

Note that Apple has already removed DHE cipher suites from Safari in the latest OS X and iOS releases, so advertising only DHE is already infeasible for most servers.

I don't think telling servers to disable RSA ciphers and only advertise DHE_RSA ciphers makes much sense. The set of servers which...

1. Are willing to disable plain RSA.
2. Don't have ECDHE support.
3. Are unwilling to take updates and get ECDHE support.
4. Support DHE support *with a sensible group*.
5. Are willing to deploy DHE with said sensible group despite the compatibility and performance hit.

...is certainly all but nil.

David

> I think we're overstating the compatibility costs.
>
> very few widely deployed implementations (with the exception of the long
> deprecated Windows XP) lack support for DHE_RSA *and* ECDHE_RSA at the
> same time
>
> --
> Regards,
> Hubert Kario
> Senior Quality Engineer, QE BaseOS Security team
> Web: www.cz.redhat.com
> Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
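The trade-off argued in the exchange above (plain RSA key exchange versus DHE_RSA with a sensible group versus ECDHE, and which clients are left behind by each choice) can be made concrete with a small audit script. The following is an added example, not code from David, Hubert or the IETF TLS list: it classifies a server's cipher-suite list by key exchange, flags plain RSA and weak DHE groups, and checks which of a few constructed client profiles could still negotiate. The client profiles are illustrative sketches of the claims made in the thread (a Safari-style client without DHE, a Windows XP-style client without DHE or ECDHE), not a compatibility database; the OpenSSL-name handling is a simple prefix heuristic.

```python
"""Audit a TLS server cipher-suite list by key-exchange type.

Added illustration for the DHE/ECDHE/RSA discussion; assumptions:
  - suite names are either IANA style (TLS_ECDHE_RSA_WITH_...) or
    OpenSSL style (ECDHE-RSA-AES128-GCM-SHA256); other names are "OTHER"
  - a "sensible" DHE group is taken to mean at least 2048 bits
  - client profiles below are constructed, not measured
"""
import re

# IANA-style names carry the key exchange as a prefix.
IANA_KX = [
    (re.compile(r"^TLS_ECDHE_(RSA|ECDSA)_WITH_"), "ECDHE"),
    (re.compile(r"^TLS_DHE_(RSA|DSS)_WITH_"), "DHE"),
    (re.compile(r"^TLS_RSA_WITH_"), "RSA"),  # RSA key transport: no forward secrecy
]
# OpenSSL-style names use short prefixes; a bare AES.../DES... name is plain RSA.
OPENSSL_KX = [
    (re.compile(r"^ECDHE-"), "ECDHE"),
    (re.compile(r"^(DHE|EDH)-"), "DHE"),
    (re.compile(r"^(AES|CAMELLIA|DES|RC4|SEED)"), "RSA"),
]

def key_exchange(suite):
    """Return ECDHE, DHE, RSA or OTHER for one cipher-suite name."""
    table = IANA_KX if "_WITH_" in suite else OPENSSL_KX
    for pattern, kx in table:
        if pattern.match(suite):
            return kx
    return "OTHER"

def audit_server(suites, dh_bits=None):
    """Policy findings for a server configuration.

    dh_bits is the size of the server's DHE group (needed only if DHE suites
    are offered).  An empty list means the configuration passes."""
    kinds = {key_exchange(s) for s in suites}
    findings = []
    if "RSA" in kinds:
        findings.append("plain RSA key exchange offered (no forward secrecy)")
    if not kinds & {"ECDHE", "DHE"}:
        findings.append("no forward-secret key exchange offered at all")
    if "DHE" in kinds:
        if dh_bits is None:
            findings.append("DHE offered but group size unknown")
        elif dh_bits < 2048:
            findings.append(f"DHE group of {dh_bits} bits is not a sensible group")
    return findings

def negotiable(server_suites, client_kx):
    """True if at least one server suite uses a key exchange the client supports."""
    return any(key_exchange(s) in client_kx for s in server_suites)

# Constructed client profiles sketching the thread's claims (illustrative only).
CLIENT_PROFILES = {
    "ecdhe+dhe+rsa client": {"ECDHE", "DHE", "RSA"},   # e.g. a full-featured stack
    "safari-style, no DHE": {"ECDHE", "RSA"},          # Apple dropped DHE suites
    "xp-style, no FS":     {"RSA"},                    # neither DHE_RSA nor ECDHE_RSA
}

def compatibility(server_suites):
    """Map each client profile to whether it could negotiate with this server."""
    return {name: negotiable(server_suites, kx) for name, kx in CLIENT_PROFILES.items()}

# Three constructed server configurations matching the positions in the thread.
ECDHE_AND_DHE = ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                 "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"]
DHE_ONLY = ["DHE-RSA-AES128-GCM-SHA256"]
RSA_ONLY = ["TLS_RSA_WITH_AES_128_CBC_SHA", "AES256-SHA"]

if __name__ == "__main__":
    for label, suites, bits in [("ECDHE+DHE", ECDHE_AND_DHE, 2048),
                                ("DHE only, 1024-bit", DHE_ONLY, 1024),
                                ("RSA only", RSA_ONLY, None)]:
        print(label, "->", audit_server(suites, bits) or "ok")
        print("   clients:", compatibility(suites))
```

Running the script shows the shape of the argument: the DHE-only server fails the "sensible group" check with a 1024-bit group and excludes both the Safari-style and the XP-style client, while the RSA-only server reaches every profile at the cost of forward secrecy; only the ECDHE-plus-DHE configuration passes the audit and still reaches the Safari-style client.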