On 14/12/2022 04:08, Peter Gutmann wrote:
Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu> writes:
I do not support deprecation, because there will be deployed devices (IoT,
SCADA) that aren’t upgradable – and the new stuff will have to access them.
It's actually much worse than just SCADA, there are deployments in things like
wholesale banking where the semi-deprecation of DH suites has led to them
falling back to RSA instead. This pointless removal of FFDHE, while it'll be
written as MUST NOT FFDHE, will actually be MUST RSA in some environments.
In other words not only will it not make things any more secure, it'll make
some things much, much less secure.
Yes. As a later post suggests, there is no point in also prohibiting,
or pointing to the prohibition of RSA as well (sensible as that is)
because it leaves most people, those not involved with large websites,
with nowhere to go. A more nuanced approach is required by most of the
world; this is perfection, this is useless while this has some merit but
leaves you exposed to .....
With these discussions, I always think of an operational system of which
I am a registered user for which I was given an eight-character
password, albeit one that does not appear in any dictionary, and which I
cannot change; if I want to alter it, then I must e-mail the
administrator who will e-mail me a new one. That is the real world
which discussions like these cannot reach.
Tom Petch
Peter.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
