< draft-luis140219-curdle-rc4-die-die-die-00.txt   draft-luis140219-curdle-rc4-die-die-die-01.txt >
Internet Engineering Task Force (IETF) L. Camara Internet Engineering Task Force (IETF) L. Camara
Internet-Draft June 16, 2017 Internet-Draft June 17, 2017
Obsoletes: 3078, 4345, 4757, 6229 Obsoletes: 3078, 4345, 4757, 6229
Updates: 2118, 3961, 4120, 4253, 6150, 6649, 7457, 7905, xxxx Updates: 2118, 3961, 4120, 4253, 6150, 6649, 7457, 7905, xxxx
Intended Status: Best Current Practice Intended Status: Best Current Practice
Expires: December 18, 2017 Expires: December 19, 2017
Prohibiting RC4 in all IETF Protocols Prohibiting RC4 in all IETF Protocols
draft-luis140219-curdle-rc4-die-die-die-00 draft-luis140219-curdle-rc4-die-die-die-01
[[RFC-Editor: Please replace all instances of xxxx in this document with [[RFC-Editor: Please replace all instances of xxxx in this document with
the RFC number of draft-ietf-curdle-des-des-des-die-die-die, nnn with the RFC number of draft-ietf-curdle-des-des-des-die-die-die, nnn with
its BCP number, MMMMMMMM with the month of its publishing as RFC, and its BCP number, MMMMMMMM with the month of its publishing as RFC, and
YYYY with the year of its publishing as RFC.]] YYYY with the year of its publishing as RFC.]]
[[RFC-Editor: please replace the second character of my surname by [[RFC-Editor: please replace the second character of my surname by
U+00E2 when publishing as RFC in the header and in all pages. U+00E2 when publishing as RFC in the header and in all pages.
Non-ASCII characters are allowed in RFCs as per RFC 7997.]] Non-ASCII characters are allowed in RFCs as per RFC 7997.]]
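Review bot: The "Updates:" header line lists 7905 and xxxx but not 7465, although the body carries a section titled "10. Updates to RFC 7465" and Appendix A has a row for RFC 7465. Add 7465 to the header so the metadata matches the body, or drop Section 10 if RFC 7465 is not meant to be updated.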
skipping to change at page 1, line 53 skipping to change at page 1, line 53
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 18, 2017. This Internet-Draft will expire on December 19, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 32 skipping to change at page 2, line 32
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Why obsolete RFC 3078, RFC 4345, RFC 4757 and RFC 6229 . . . . 3 2. Why obsolete RFC 3078, RFC 4345, RFC 4757 and RFC 6229 . . . . 3
3. Updates to RFC 2118 . . . . . . . . . . . . . . . . . . . . . . 3 3. Updates to RFC 2118 . . . . . . . . . . . . . . . . . . . . . . 3
4. Updates to RFC 3961 . . . . . . . . . . . . . . . . . . . . . . 3 4. Updates to RFC 3961 . . . . . . . . . . . . . . . . . . . . . . 3
5. Updates to RFC 4120 . . . . . . . . . . . . . . . . . . . . . . 3 5. Updates to RFC 4120 . . . . . . . . . . . . . . . . . . . . . . 3
6. Updates to RFC 4253 . . . . . . . . . . . . . . . . . . . . . . 3 6. Updates to RFC 4253 . . . . . . . . . . . . . . . . . . . . . . 3
7. Updates to RFC 6150 . . . . . . . . . . . . . . . . . . . . . . 4 7. Updates to RFC 6150 . . . . . . . . . . . . . . . . . . . . . . 4
8. Updates to RFC 6649 . . . . . . . . . . . . . . . . . . . . . . 4 8. Updates to RFC 6649 . . . . . . . . . . . . . . . . . . . . . . 4
9. Updates to RFC 7457 . . . . . . . . . . . . . . . . . . . . . . 5 9. Updates to RFC 7457 . . . . . . . . . . . . . . . . . . . . . . 5
10. Updates to RFC 7465 . . . . . . . . . . . . . . . . . . . . . 5 10. Updates to RFC 7465 . . . . . . . . . . . . . . . . . . . . . 5
11. Updates to RFC xxxx . . . . . . . . . . . . . . . . . . . . . 5 11. Updates to RFC 7905 . . . . . . . . . . . . . . . . . . . . . 5
12. Action to be taken . . . . . . . . . . . . . . . . . . . . . . 6 12. Updates to RFC xxxx . . . . . . . . . . . . . . . . . . . . . 5
13. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 13. Action to be taken . . . . . . . . . . . . . . . . . . . . . . 6
14. Security Considerations . . . . . . . . . . . . . . . . . . . 6 14. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
16. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6 15. Security Considerations . . . . . . . . . . . . . . . . . . . 6
16.1. Normative References . . . . . . . . . . . . . . . . . . . . 7 16. Acknowlegdements . . . . . . . . . . . . . . . . . . . . . . . 6
16.2. Informative References . . . . . . . . . . . . . . . . . . . 7 17. References . . . . . . . . . . . . . . . . . . . . . . . . . . 7
17. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 8 17.1. Normative References . . . . . . . . . . . . . . . . . . . . 7
Appendix A. Status of Updated Documents as of 2017-06-16 . . . . . 8 17.2. Informative References . . . . . . . . . . . . . . . . . . . 7
18. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 8
Appendix A. Status of Updated Documents as of 2017-06-17 . . . . . 8
Appendix B. Changelog . . . . . . . . . . . . . . . . . . . . . . 10 Appendix B. Changelog . . . . . . . . . . . . . . . . . . . . . . 10
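Review bot: The new table-of-contents entry "16. Acknowlegdements" is misspelled; the section heading in the body reads "16. Acknowledgements". Correct the entry so the two agree.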
1. Introduction 1. Introduction
RC4 is extremely weak [RFC6649, RFC7457, RFCxxxx] and this document RC4 is extremely weak [RFC6649, RFC7457, RFCxxxx] and this document
prohibits its use in all IETF protocols, including Kerberos, Secure prohibits its use in all IETF protocols, including Kerberos, Secure
Shell (SSH). The reasons for obsoleting RFC 3078, RFC 4345 and Shell (SSH). The reasons for obsoleting RFC 3078, RFC 4345 and
RFC 4757 and moving them to Historic are discussed in Section 2. The RFC 4757 and moving them to Historic are discussed in Section 2. The
updates to RFC 2118, RFC 3961, RFC 4120, RFC 4253, RFC 6150, updates to RFC 2118, RFC 3961, RFC 4120, RFC 4253, RFC 6150,
RFC 6649, RFC 7457, RFC 7905 and RFC xxxx and the reasons for doing RFC 6649, RFC 7457, RFC 7905 and RFC xxxx and the reasons for doing
them are specified in sections 3, 4, 5, 6, 7, 8, 9, 10 and 11, them are specified in sections 3, 4, 5, 6, 7, 8, 9, 10, 11 and 12,
respectively. The status of the updated RFCs as of the writing of respectively. The status of the updated RFCs as of the writing of
this document is available in Appendix A. this document is available in Appendix A.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in BCP 14 document are to be interpreted as described in BCP 14
[RFC2119, RFC8174]. [RFC2119, RFC8174].
2. Why obsolete RFC 3078, RFC 4345, RFC 4757 and RFC 6229 2. Why obsolete RFC 3078, RFC 4345, RFC 4757 and RFC 6229
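Review bot: In the Introduction the section list now runs to ten sections ("3, 4, 5, 6, 7, 8, 9, 10, 11 and 12"), but the RFC list before it still names nine documents and has no RFC 7465, so "respectively" does not pair each RFC with its section. Insert RFC 7465 between RFC 7457 and RFC 7905 in that list.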
skipping to change at page 5, line 38 skipping to change at page 5, line 38
[RFC7457], an Informational RFC describing attacks against Transport [RFC7457], an Informational RFC describing attacks against Transport
Layer Security (TLS) and Datagram Transport Layer Security (DTLS), is Layer Security (TLS) and Datagram Transport Layer Security (DTLS), is
updated to note the deprecation of RC4 in all IETF protocols. updated to note the deprecation of RC4 in all IETF protocols.
10. Updates to RFC 7465 10. Updates to RFC 7465
[RFC7465] prohibits RC4 cipher suites in Transport Layer Security [RFC7465] prohibits RC4 cipher suites in Transport Layer Security
(TLS) and is updated to note the deprecation of RC4 in all IETF (TLS) and is updated to note the deprecation of RC4 in all IETF
protocols. protocols.
11. Updates to RFC xxxx 11. Updates to RFC 7905
RFC 7905, describing the ChaCha20-Poly1305 stream cipher to replace
RC4 in Transport Layer Security (TLS), is updated to note the
deprecation of RC4 in all IETF protocols, including TLS. RFC 7465,
that prohibited RC4 cipher suites, did not update RFC 7905, so this
document will do so.
12. Updates to RFC xxxx
[RFCxxxx] deprecates 3DES and RC4 in Kerberos, obsoletes RFC 4757 and [RFCxxxx] deprecates 3DES and RC4 in Kerberos, obsoletes RFC 4757 and
updates RFC 3961, and is updated by this document to note the updates RFC 3961, and is updated by this document to note the
moving of RC4 RFCs (RFC 4345 and RFC 6229) and Microsoft technology moving of RC4 RFCs (RFC 4345 and RFC 6229) and Microsoft technology
dependent on RC4 (RFC 3078 and RFC 4757). dependent on RC4 (RFC 3078 and RFC 4757).
An important quote from [RFCxxxx] (Section 5.4 of [RFCxxxx]): An important quote from [RFCxxxx] (Section 5.4 of [RFCxxxx]):
""" """
Fortuntately, modern (i.e., supported) Kerberos implementations Fortuntately, modern (i.e., supported) Kerberos implementations
support a secure alternative to RC4, in the form of AES. Windows has support a secure alternative to RC4, in the form of AES. Windows has
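Review bot: New Section 11 cites RFC 7905 and RFC 7465 as bare text, while Sections 9, 10 and 12 open with bracketed citations ([RFC7457], [RFC7465], [RFCxxxx]), and Section 17.2 gains no [RFC7905] entry. Use "[RFC7905]" here and add the matching informative reference. The section also does not say which text of RFC 7905 is affected; the final sentence only explains why RFC 7465 did not make the update, so it could be folded into the first sentence.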
skipping to change at page 6, line 21 skipping to change at page 6, line 21
AES (including the GSSAPI mechanism) since 2004 with the release of AES (including the GSSAPI mechanism) since 2004 with the release of
version 1.3.2; Heimdal [HEIMDAL] has fully supported AES since 2005 version 1.3.2; Heimdal [HEIMDAL] has fully supported AES since 2005
with the release of version 0.7. Though there may still be issues with the release of version 0.7. Though there may still be issues
running ten-year-old unsupported software in mixed environments with running ten-year-old unsupported software in mixed environments with
new software, issues of that sort seem unlikely to be unique to new software, issues of that sort seem unlikely to be unique to
Kerberos, and the aministrators of such environments are expected to Kerberos, and the aministrators of such environments are expected to
be capable of devising workarounds. be capable of devising workarounds.
""" """
(note the quote contains typos: "Fortuntately" and "aministrators") (note the quote contains typos: "Fortuntately" and "aministrators")
12. Action to be taken 13. Action to be taken
RC4 MUST NOT be used in new implementations of IETF protocols, and RC4 MUST NOT be used in new implementations of IETF protocols, and
RC4 MUST be eliminated as fast as possible from the existing Internet RC4 MUST be eliminated as fast as possible from the existing Internet
infrastructure, as RC4 is extremely weak [RFC6649, RFC7457, RFCxxxx]. infrastructure, as RC4 is extremely weak [RFC6649, RFC7457, RFCxxxx].
New RFCs MAY use the phrase "RC4 is extremely weak [RFC6649, RFC7457, New RFCs MAY use the phrase "RC4 is extremely weak [RFC6649, RFC7457,
RFCxxxx]" with references to RFC 6649, RFC 7457 and RFC xxxx. Whether RFCxxxx]" with references to RFC 6649, RFC 7457 and RFC xxxx. Whether
the references to these documents is normative or informative is the references to these documents is normative or informative is
determined by BCP 9 and BCP 97, whose relevant documents for this determined by BCP 9 and BCP 97, whose relevant documents for this
purpose are RFC 2026, RFC 3967, RFC 4897, RFC 6410 and RFC 8067. purpose are RFC 2026, RFC 3967, RFC 4897, RFC 6410 and RFC 8067.
Microsoft Corporation SHOULD take action to eradicate RC4 in all Microsoft Corporation SHOULD take action to eradicate RC4 in all
its software and systems. its software and systems.
13. IANA Considerations 14. IANA Considerations
IANA may need to take action as the status for RC4 and 3DES IANA may need to take action as the status for RC4 and 3DES
algorithms for Secure Shell (SSH) is changed by this document algorithms for Secure Shell (SSH) is changed by this document
(see Section 6, that updates [RFC4253]). (see Section 6, that updates [RFC4253]).
14. Security Considerations 15. Security Considerations
This document deprecates RC4, that is obsolete cryptography, and This document deprecates RC4, that is obsolete cryptography, and
several attacks that render it useless have been published [RFC6649]. several attacks that render it useless have been published [RFC6649].
Refer to Section 5 of [RFCxxxx] for further security considerations. Refer to Section 5 of [RFCxxxx] for further security considerations.
15. Acknowledgements 16. Acknowledgements
[[RFC-Editor: When possible, add native names according to the [[RFC-Editor: When possible, add native names according to the
conventions of RFC 7997.]] conventions of RFC 7997.]]
Thanks to the following people for writing reference material: Thanks to the following people for writing reference material:
* Love Hornquist Astrand and Tom Yu for writing RFC 6649, that * Love Hornquist Astrand and Tom Yu for writing RFC 6649, that
deprecates weak cryptographic algorithms in Kerberos. deprecates weak cryptographic algorithms in Kerberos.
* Yaron Sheffer, Ralph Holz and Peter Saint-Andre for writing * Yaron Sheffer, Ralph Holz and Peter Saint-Andre for writing
RFC 7457, that summarises known attacks against Transport Layer RFC 7457, that summarises known attacks against Transport Layer
Security (TLS). Security (TLS).
* Andrei Popov for writing RFC 7465, that prohibits RC4 cipher * Andrei Popov for writing RFC 7465, that prohibits RC4 cipher
suites. suites in Transport Layer Security (TLS).
Also thanks to SSL Labs for capping server grades to B (RC4 only used Also thanks to SSL Labs for capping server grades to B (RC4 only used
with older protocols) and C (RC4 used with modern protocols) when with older protocols) and C (RC4 used with modern protocols) when
servers support RC4, and flagging cipher suites and clients using RC4 servers support RC4, and flagging cipher suites and clients using RC4
with a red colour. You can test any server at with a red colour. You can test any server at
<https://www.ssllabs.com/ssltest/>. <https://www.ssllabs.com/ssltest/>.
Refer to the acknowledgements section of RFC 6649, RFC 7457 and Refer to the acknowledgements section of RFC 6649, RFC 7457 and
RFC xxxx for further acknowledgements. RFC xxxx for further acknowledgements.
16. References 17. References
16.1. Normative References 17.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC6649] Hornquist Astrand, L. and T. Yu, "Deprecate DES, RC4-HMAC- [RFC6649] Hornquist Astrand, L. and T. Yu, "Deprecate DES, RC4-HMAC-
EXP, and Other Weak Cryptographic Algorithms in Kerberos", EXP, and Other Weak Cryptographic Algorithms in Kerberos",
BCP 179, RFC 6649, July 2012. BCP 179, RFC 6649, July 2012.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in
RFC 2119 Key Words", BCP 14, RFC 8174, May 2017. RFC 2119 Key Words", BCP 14, RFC 8174, May 2017.
[RFCxxxx] Kaduk, B., and M. Short, "Deprecate 3DES and RC4 in [RFCxxxx] Kaduk, B., and M. Short, "Deprecate 3DES and RC4 in
Kerberos", BCP nnn, RFC xxxx, [[RFC-Editor: this is Kerberos", BCP nnn, RFC xxxx, [[RFC-Editor: this is
Internet-Draft draft-ietf-curdle-des-des-des-die-die-die, Internet-Draft draft-ietf-curdle-des-des-des-die-die-die,
and remove this notice when publishing]], MMMMMMMM YYYY. and remove this notice when publishing]], MMMMMMMMM YYYY.
16.2. Informative References 17.2. Informative References
[HEIMDAL] Heimdal Project, "Heimdal Kerberos Implementation", April [HEIMDAL] Heimdal Project, "Heimdal Kerberos Implementation", April
2017, <https://www.h5l.org/>. 2017, <https://www.h5l.org/>.
[MITKRB5] MIT, "MIT Kerberos Implementation", March 2017, [MITKRB5] MIT, "MIT Kerberos Implementation", March 2017,
<https://web.mit.edu/kerberos/>. <https://web.mit.edu/kerberos/>.
[RFC3961] Raeburn, K., "Encryption and Checksum Specifications for [RFC3961] Raeburn, K., "Encryption and Checksum Specifications for
Kerberos 5", RFC 3961, February 2005. Kerberos 5", RFC 3961, February 2005.
[RFC4253] Ylonen, T., and C. Lonvick, Ed., "The Secure Shell (SSH) [RFC4253] Ylonen, T., and C. Lonvick, Ed., "The Secure Shell (SSH)
Transport Layer Protocol", RFC 4253, January 2006. Transport Layer Protocol", RFC 4253, January 2006.
[RFC4757] Jaganathan, K., Zhu, L., and J. Brezak, "The RC4-HMAC
Kerberos Encryption Types Used by Microsoft Windows",
RFC 4757, December 2006.
[RFC6150] Turner, S., and L. Chen, "MD4 to Historic Status", [RFC6150] Turner, S., and L. Chen, "MD4 to Historic Status",
RFC 6150, March 2011. RFC 6150, March 2011.
[RFC7457] Sheffer, Y., Holz, R., and P. Saint-Andre, "Summarizing [RFC7457] Sheffer, Y., Holz, R., and P. Saint-Andre, "Summarizing
Known Attacks on Transport Layer Security (TLS) and Known Attacks on Transport Layer Security (TLS) and
Datagram TLS (DTLS)", RFC 7457, February 2015. Datagram TLS (DTLS)", RFC 7457, February 2015.
[RFC7465] Popov, A., "Prohibiting RC4 Cipher Suites", RFC 7465, [RFC7465] Popov, A., "Prohibiting RC4 Cipher Suites", RFC 7465,
February 2015. February 2015.
[SCHNEIER] Schneier, B., "Applied Cryptography Second Edition: [SCHNEIER] Schneier, B., "Applied Cryptography Second Edition:
protocols algorithms and source in code in C", John Wiley protocols algorithms and source in code in C", John Wiley
and Sons, New York, NY, 1996. and Sons, New York, NY, 1996.
[[RFC-Editor: please replace the 'i' in my name by U+00ED and the [[RFC-Editor: please replace the 'i' in my name by U+00ED and the
first 'a' in the surname by U+00E2, as non-ASCII characters are first 'a' in the surname by U+00E2, as non-ASCII characters are
allowed as per RFC 7997]] allowed as per RFC 7997]]
17. Author's Address 18. Author's Address
Luis Camara Luis Camara
EMail: <luis.camara@live.com.pt> EMail: <luis.camara@live.com.pt>
Appendix A. Status of Updated Documents as of 2017-06-16 Appendix A. Status of Updated Documents as of 2017-06-17
[[RFC-Editor: Please replace with updated data when publishing as RFC [[RFC-Editor: Please replace with updated data when publishing as RFC
and replace "2017-06-16" by the date of publishing. and replace "2017-06-17" by the date of publishing.
Leave the table below in a page of its own.]] Leave the table below in a page of its own.]]
+----------+-----------------------+--------------------------------+ +----------+-----------------------+--------------------------------+
| RFC #### | Status | Updated by | | RFC #### | Status | Updated by |
+----------+-----------------------+--------------------------------+ +----------+-----------------------+--------------------------------+
| RFC 2118 | Informational | RFC 3078 | | RFC 2118 | Informational | RFC 3078 |
+----------+-----------------------+--------------------------------+ +----------+-----------------------+--------------------------------+
| RFC 3961 | Proposed Standard | RFC xxxx | | RFC 3961 | Proposed Standard | RFC xxxx |
+----------+-----------------------+--------------------------------+ +----------+-----------------------+--------------------------------+
| | | RFC 4537, RFC 5021, RFC 5896, | | | | RFC 4537, RFC 5021, RFC 5896, |
| RFC 4120 | Proposed Standard | RFC 6111, RFC 6112, RFC 6113, | | RFC 4120 | Proposed Standard | RFC 6111, RFC 6112, RFC 6113, |
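Review bot: In the [RFCxxxx] entry of the Normative References the date placeholder changes from "MMMMMMMM YYYY" to "MMMMMMMMM YYYY" (nine M's), which no longer matches the eight-character "MMMMMMMM" that the RFC-Editor note at the top of the draft asks to have replaced. Restore the eight-character placeholder, or update the editor note to match, so the substitution is not missed at publication.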
skipping to change at page 9, line 27 skipping to change at page 9, line 27
+----------+-----------------------+--------------------------------+ +----------+-----------------------+--------------------------------+
| RFC 6150 | Informational | | | RFC 6150 | Informational | |
+----------+-----------------------+--------------------------------+ +----------+-----------------------+--------------------------------+
| RFC 6649 | Best Current Practice | | | RFC 6649 | Best Current Practice | |
| | (BCP 179) | | | | (BCP 179) | |
+----------+-----------------------+--------------------------------+ +----------+-----------------------+--------------------------------+
| RFC 7457 | Informational | | | RFC 7457 | Informational | |
+----------+-----------------------+--------------------------------+ +----------+-----------------------+--------------------------------+
| RFC 7465 | Proposed Standard | | | RFC 7465 | Proposed Standard | |
+----------+-----------------------+--------------------------------+ +----------+-----------------------+--------------------------------+
| RFC 7905 | Proposed Standard | |
+----------+-----------------------+--------------------------------+
| RFC xxxx | Best Current Practice | This draft is [RFCxxxx] | | RFC xxxx | Best Current Practice | This draft is [RFCxxxx] |
| | (BCP nnn) | | | | (BCP nnn) | |
+----------+-----------------------+--------------------------------+ +----------+-----------------------+--------------------------------+
Appendix B. Changelog Appendix B. Changelog
[[RFC-Editor: please remove this section when publishing.]] [[RFC-Editor: please remove this section when publishing.]]
01 - explained reasons for updating RFC 7905 and added an informative
reference to RFC 4757 to take away a missing reference warning.
00 - first version. [RFCxxxx] is a reference to 00 - first version. [RFCxxxx] is a reference to
draft-ietf-curdle-des-des-des-die-die-die. The quote in draft-ietf-curdle-des-des-des-die-die-die. The quote in
Section 11 is from version 03 of this draft (posted 2017-06-15) Section 11 is from version 03 of this draft (posted 2017-06-15)
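Review bot: The 00 changelog entry still says "The quote in Section 11", but with the new RFC 7905 section inserted the quote from [RFCxxxx] now sits in Section 12. Update that cross-reference, and have the 01 entry mention the section renumbering, which it currently omits.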
 End of changes. 22 change blocks. 
27 lines changed or deleted 46 lines changed or added
