draft-ietf-curdle-rc4-die-die-die-05.txt | draft-ietf-curdle-rc4-die-die-die-06.txt | |||
---|---|---|---|---|
Internet Engineering Task Force (IETF) L. Camara | Internet Engineering Task Force (IETF) L. Camara | |||
Internet-Draft January 10, 2018 | Internet-Draft January 26, 2018 | |||
Obsoletes: 4345 | Obsoletes: 4345 (if approved) | |||
Updates: 4253 | Updates: 4253 (if approved) | |||
Intended Status: Best Current Practice | Intended Status: Best Current Practice | |||
Expires: July 14, 2018 | Expires: July 30, 2018 | |||
Depreciating RC4 in Secure Shell (SSH) | Deprecating RC4 in Secure Shell (SSH) | |||
draft-ietf-curdle-rc4-die-die-die-05 | draft-ietf-curdle-rc4-die-die-die-06 | |||
[[RFC-Editor: please replace the second character of my surname by | [[RFC-Editor: please replace the second character of my surname by | |||
U+00E2 when publishing as RFC in the header and in all pages. | U+00E2 when publishing as RFC in the header and in all pages. | |||
Non-ASCII characters are allowed in RFCs as per RFC 7997.]] | Non-ASCII characters are allowed in RFCs as per RFC 7997.]] | |||
Abstract | Abstract | |||
This document depreciates RC4 in Secure Shell (SSH). Therefore, this | This document deprecates RC4 in Secure Shell (SSH). Therefore, this | |||
document updates RFC 4253, and formally obsoletes and moves to | document updates RFC 4253, and formally obsoletes and moves to | |||
Historic RFC 4345. | Historic RFC 4345. | |||
Status of This Memo | Status of This Memo | |||
This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on July 14, 2018. | This Internet-Draft will expire on July 30, 2018. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2017 IETF Trust and the persons identified as the | Copyright (c) 2017 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
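Review bot: The Copyright Notice in -06 still reads "Copyright (c) 2017 IETF Trust" although the draft date has moved to January 26, 2018; bring the year in line with the submission date. The added "(if approved)" on the Obsoletes and Updates lines and the title change from "Depreciating" to "Deprecating" need no further work.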
skipping to change at page 2, line 16 ¶ | skipping to change at page 2, line 16 ¶ | |||
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
2. Why obsolete and move to Historic RFC 4345 . . . . . . . . . . 2 | 2. Why obsolete and move to Historic RFC 4345 . . . . . . . . . . 2 | |||
3. Updates to RFC 4253 . . . . . . . . . . . . . . . . . . . . . . 2 | 3. Updates to RFC 4253 . . . . . . . . . . . . . . . . . . . . . . 2 | |||
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 2 | 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 2 | |||
5. Security Considerations . . . . . . . . . . . . . . . . . . . . 3 | 5. Security Considerations . . . . . . . . . . . . . . . . . . . . 3 | |||
6. Acknowlegdements . . . . . . . . . . . . . . . . . . . . . . . 3 | 6. Acknowlegdements . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
7.1. Normative References . . . . . . . . . . . . . . . . . . . . 3 | 7.1. Normative References . . . . . . . . . . . . . . . . . . . . 3 | |||
7.2. Informative References . . . . . . . . . . . . . . . . . . . 3 | 7.2. Informative References . . . . . . . . . . . . . . . . . . . 3 | |||
8. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 4 | 8. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
1. Introduction | 1. Introduction | |||
RC4 is extremely weak [RFC6649] [RFC7457] [RFC7465] and this document | RC4 is broken [RFC7457] and this document deprecates its use in | |||
depreciates its use in all IETF protocols, including Kerberos and | Secure Shell (SSH). | |||
Secure Shell (SSH). The reasons for obsoleting RFC 4345 are | ||||
discussed in Section 2. The updates to RFC 4253 and the reasons for | ||||
doing them are specified in Section 3. | ||||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | |||
document are to be interpreted as described in | document are to be interpreted as described in | |||
BCP 14 [RFC2119, RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119, RFC8174] when, and only when, they appear in all | |||
capitals, as shown here. | capitals, as shown here. | |||
2. Why obsolete and move to Historic RFC 4345 | 2. Why obsolete and move to Historic RFC 4345 | |||
RFC 4345 defines the "arcfour-128" and "arcfour-256" modes for Secure | RFC 4345 defines the "arcfour-128" and "arcfour-256" modes for SSH, | |||
Shell (SSH), and is obsoleted and moved to Historic as RC4 is | and is obsoleted and moved to Historic as RC4 is broken [RFC7457]. | |||
extremely weak [RFC6649, RFC7457] and there is research that is at | The modes defined by RFC 4345 MUST NOT be used. | |||
least 5 years old that totally breaks all practical usage of | ||||
RC4 [RFC6649]. | ||||
3. Updates to RFC 4253 | 3. Updates to RFC 4253 | |||
RFC 4253 is updated to note the depreciation of arcfour. | RFC 4253 is updated to prohibit arcfour's use in SSH. | |||
The last sentence of the paragraph on RC4 (called "arcfour" | The last sentence of the paragraph on RC4 (called "arcfour" | |||
in [RFC4253]) in Section 6.3 of [RFC4253] should read: "Arcfour (and | in [RFC4253]) in Section 6.3 of [RFC4253] should read: "Arcfour (also | |||
RC4) are extremely weak [RFC7457] and therefore it MUST NOT be used." | known as RC4) is broken [RFC7457] and therefore it MUST NOT be used." | |||
An informative reference to RFC 7457 is to be added to [RFC4253]. | An informative reference to RFC 7457 is to be added to [RFC4253]. | |||
4. IANA Considerations | 4. IANA Considerations | |||
IANA may need to take action as the status for RC4 and 3DES | IANA may need to take action as the status for RC4 and 3DES | |||
algorithms for Secure Shell (SSH) is changed by this document | algorithms for Secure Shell (SSH) is changed by this document | |||
(see Section 3, that updates [RFC4253]). | (see Section 3, that updates [RFC4253]). | |||
5. Security Considerations | 5. Security Considerations | |||
This document depreciates RC4, that is obsolete cryptography, and | This document only prohibits the use of RC4 in SSH, and introduces no | |||
several attacks that render it useless have been published | new security considerations. | |||
published [RFC6649] [RFC7457] [RFC7465]. | ||||
6. Acknowledgements | 6. Acknowledgements | |||
Thanks to the numerous authors which have shown the weaknesses of | Thanks to the numerous authors which have shown the weaknesses of | |||
RC4 throughout the years. | RC4 throughout the years, and to the several people which have | |||
commented on the CURDLE mailing list about this document. | ||||
7. References | 7. References | |||
7.1. Normative References | 7.1. Normative References | |||
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in | |||
RFC 2119 Key Words", BCP 14, RFC 8174, May 2017. | RFC 2119 Key Words", BCP 14, RFC 8174, May 2017. | |||
7.2. Informative References | 7.2. Informative References | |||
[RFC4253] Ylonen, T., and C. Lonvick, Ed., "The Secure Shell (SSH) | [RFC4253] Ylonen, T., and C. Lonvick, Ed., "The Secure Shell (SSH) | |||
Transport Layer Protocol", RFC 4253, January 2006. | Transport Layer Protocol", RFC 4253, January 2006. | |||
[RFC6151] Turner, S., and L. Chen, "Updated Security Considerations | ||||
for the MD5 Message-Digest and the HMAC-MD5 Algorithms", | ||||
RFC 6151, March 2011. | ||||
[RFC6649] Hornquist Astrand, L. and T. Yu, "Deprecate DES, RC4-HMAC- | ||||
EXP, and Other Weak Cryptographic Algorithms in Kerberos", | ||||
BCP 179, RFC 6649, July 2012. | ||||
[RFC7457] Sheffer, Y., Holz, R., and P. Saint-Andre, "Summarizing | [RFC7457] Sheffer, Y., Holz, R., and P. Saint-Andre, "Summarizing | |||
Known Attacks on Transport Layer Security (TLS) and | Known Attacks on Transport Layer Security (TLS) and | |||
Datagram TLS (DTLS)", RFC 7457, February 2015. | Datagram TLS (DTLS)", RFC 7457, February 2015. | |||
[RFC7465] Popov, A., "Prohibiting RC4 Cipher Suites", RFC 7465, | ||||
February 2015. | ||||
[RFCxxxx] Kaduk, B., and M. Short, "Deprecate 3DES and RC4 in | ||||
Kerberos", draft-ietf-curdle-des-des-des-die-die-die-05, | ||||
Work in Progress. | ||||
[[RFC-Editor: please replace the 'i' in my name by U+00ED and the | [[RFC-Editor: please replace the 'i' in my name by U+00ED and the | |||
first 'a' in the surname by U+00E2, as non-ASCII characters are | first 'a' in the surname by U+00E2, as non-ASCII characters are | |||
allowed as per RFC 7997]] | allowed as per RFC 7997]] | |||
11. Author's Address | 8. Author's Address | |||
Luis Camara | Luis Camara | |||
EMail: <luis.camara@live.com.pt> | EMail: <luis.camara@live.com.pt> | |||
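Review bot: Section 4 (IANA Considerations) in -06 still says the status changes for "RC4 and 3DES algorithms", but the revised Introduction, Section 2 and Section 3 now cover only RC4 in SSH and 3DES is mentioned nowhere else in the text. Drop 3DES from that sentence and replace "may need to take action" with the concrete action requested for arcfour, arcfour-128 and arcfour-256. Two smaller points in the same region: [RFC4253] remains under 7.2 Informative References even though the header says "Updates: 4253" and Section 3 rewrites a sentence of it, so consider moving it to 7.1; and the table of contents entry "6. Acknowlegdements" is still misspelled on both sides while the section heading reads "Acknowledgements".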
End of changes. 15 change blocks. | ||||
42 lines changed or deleted | 22 lines changed or added | |||
This html diff was produced by rfcdiff 1.46. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |