Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Wednesday June 20 2018, @03:32AM   Printer-friendly
from the die-die-die dept.

As TLS 1.3 inches towards publication into the Internet Engineering Task Force's RFC series, it's a surprise to realise that there are still lingering instances of TLS 1.0 and TLS 1.1.

The now-ancient versions of Transport Layer Security (dating from 1999 and 2006 respectively) are nearly gone, but stubborn enough that Dell EMC's Kathleen Moriarty and Trinity College Dublin's Stephen Farrell want it formally deprecated.

This Internet-Draft (complete with “die die die” in the URL) argues that deprecation time isn't in the future, it's now, partly because developers in recalcitrant organisations or lagging projects probably need something to convince The Boss™ it's time to move.

The last nail in the coffin would be, formally and finally, to ban application fallback to the hopelessly insecure TLS 1.0 and 1.1 standards.

Deprecation also removes any excuse for a project to demand support for all four TLS variants (up to TLS 1.3), simplifying developers' lives and reducing the risk of implementation errors.

[...] The publication of TLS 1.3 into the RFC stream is imminent – it's reached the last stage of the pre-publication process, author's final review. When it's published, it will carry the designation RFC 8446.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by ledow on Wednesday June 20 2018, @01:27PM (1 child)

    by ledow (5567) on Wednesday June 20 2018, @01:27PM (#695569) Homepage

    You mean apart form the ones that say TLS, even TLS 1.2 (Logjam), TLS 1.0 (BEAST) etc. and yet we were actually TALKING specifically about TLS 1.0 and 1.1... And several of them mention the fix is to upgrade to TLS 1.2 (or else they'd say 1.1, wouldn't they?), talk about TLS (not SSL, e.g. BREACH, CRIME) or that the TLS session can be downgraded to the point that they are vulnerable (if you have to have TLS 1.0 but turn off most of the cipher suites, why is that any different to needing to upgrade to TLS 1.2 in terms of old-client-usage?).

    The protocols are broken. They are crackable NOW. Using commodity hardware and a MITM. That's a death sentence for any encryption security standard. Pretending it isn't is a nonsense. And that's just a brief page of summary CVE issues.

    This is like fecking about with WEP (1997) and WPA (2003) when WPA2 (2004) and WPA3 (2018) is just sitting there... and that had actual hardware upgrades required.
    TLS 1.0 (1999), TLS 1.1 (2006) are broken. Replace them with TLS 1.2 (2008) and soon TLS 1.3 (2018) where possible.

    Worse case with WEP, someone got on your wireless. Worst case with TLS, every secure financial or private byte of data anyone sends over the net can be read by anyone and EC2 instance or some clever side-channels.

    Banks don't up and change their software and encryption standards for a laugh. If anything, they are TEN YEARS behind.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 3, Insightful) by driverless on Wednesday June 20 2018, @03:50PM

    by driverless (4770) on Wednesday June 20 2018, @03:50PM (#695633)

    The protocols are broken. They are crackable NOW. Using commodity hardware and a MITM.

    You keep repeating this. Prove it by performing a full plaintext recovery attack on eBay or Paypal as I described earlier. Simply bleating "they're broken, they're totally insecure, they're totally broken" over and over doesn't make it so. If they're so incredibly easy to break, go ahead and do it, on a site where it actually matters like eBay or Paypal. I'll wait here.