ietf-nntp TLS cipher renegotiation to NULL cipher

Ken Murchison ken at oceana.com
Mon Feb 10 12:41:07 PST 2003


"Jeffrey M. Vinocur" wrote:
> 
> There is a new issue raised below that I'd like people to discuss.
> 
> It is of particular interest to people who want TLS protection only on the
> authentication step, and to client authors who may be more in touch with
> their users than I am.


The text below is taken from an IMAP mailing list thread regarding TLS
renegotiation and/or DSS in NNTP.  FWIW, I agree with Chris (as I and
several others have from the beginning).



Chris Newman wrote:

FWIW, my opinion is this is likely another case of computer engineers 
trying to optimize something that doesn't need to be optimized (a sin I 
have been guilty of many times).

And I'm saying that as someone who went to the trouble of writing a spec
and implementing a prototype SASL mechanism for this purpose (plaintext
password encrypted only during the authentication phase).  I now think
that work was largely a waste of time (although I had fun doing it and
learned a lot).

The cost of symmetric ciphers is small to negligible on modern hardware,
particularly a wimpy cipher like RC4 which is the most common in SSL/TLS.

Rather than making TLS implementations more complicated (and less secure)
to support mid-stream down-negotiation, or introducing another SASL
mechanism to do this, why not just optimize the RC4 code?  That will
benefit _all_ protocols using TLS and reduce the complexity of the
Internet suite of protocols.

Encrypting data that doesn't need to be encrypted is good for overall 
security of the system.

                - Chris

-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp


