The fact that there are long product lifecycles makes the case for deprecation rather than against it. Imagine that we do not deprecate DHE. That means that next year, someone will be fully within the standard to create a long-lived product that uses DHE with TLS 1.2 and nothing more secure than that. That means that we can't deprecate DHE next year either for the same reason we can't deprecate it now, and so on, forever. Is that really the circumstance we want to find ourselves in? To never deprecate insecure algorithms? That seems overly reckless to me and may leave new systems vulnerable to known security issues for a long time.
Carrick On Fri, Dec 16, 2022 at 3:22 AM Peter Gutmann <pgut...@cs.auckland.ac.nz> wrote: > Rob Sayre <say...@gmail.com> writes: > > >For my part, I'm sick of "IoT" or "SCADA" or "embedded" vendors just > >endlessly keeping old cipher suites alive. The unwise cost-cutting in > those > >areas does not constrain the rest of the internet. > > And for my part I'm... well not really sick of but resigned to accepting > the > fact that as far as the WG seems to be concerned, nothing exists outside of > the web [*] and there's no need to accommodate anything but that. Saying > "lalalalala I'm not listening, I'm not listening" won't deal with the fact > that there's a staggering amount of gear out there with product lifecycles > sometimes measured in decades that needs a sound basis for making decisions > about what to deploy, which this deprecation isn't providing. > > Maybe that's the way to resolve this, make it explicit that the deprecation > applies for web use and not for other uses like SCADA, embedded, or > anything > else that needs to take long-term usage into account. > > Peter. > > [*] Once you exclude your list of IoT, SCADA, embedded, and the case I > mentioned, transaction processing, you've pretty much ruled out > everything but web use... well OK, admittedly there's still email (so > opportunistic encryption) and a bunch of barely-visible stuff like any > tunnels that for some reason don't already use IPsec/OpenVPN/WireGuard. > >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
