On Thursday, October 10, 2013, Salz, Rich wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">> TLS was designed to support multiple ciphersuites. Unfortunately this opened the door<br>
> to downgrade attacks, and transitioning to protocol versions that wouldn't do this was nontrivial.<br>
> The ciphersuites included all shared certain misfeatures, leading to the current situation.<br>
<br>
On the other hand, negotiation let us deploy it in places where full-strength cryptography is/was regulated.<br>
<br>
Sometimes half a loaf is better than nothing.</blockquote><div><br></div><div> The last time various SSL/TLS ciphersuites needed to be removed from webserver configurations when I managed a datacenter some years ago led to the following 'failure modes', either from the user's browser now warning or refusing to connect to a server using an insecure cipher suite, or when the only cipher suites used by a server weren't supported by an old browser (or both at once):<br>
</div><div><br></div><div>1) for sites that had low barriers to switching, loss of traffic/customers to sites that didn't drop the insecure ciphersuites</div><div><br></div><div>2) for sites that are harder to leave (your bank, google/facebook level sticky public ones [less common]), large increases in calls to support, with large costs for the business. Non-PCI compliant businesses taking CC payments are generally so insecure that customers that fled to them really are uppung their chances of suffering fraud.</div>
<div><br></div><div>In both cases you have a net decrease of security and an increase of fraud and financial loss. </div><div><br></div>So in some cases anything less than a whole loaf, which you can't guarantee for N years of time, isn't 'good enough.' In other words, we are screwed no matter what.<div>
<br></div><div>-David Mercer</div><div><br></div><br><br>-- <br><div dir="ltr">David Mercer - <a href="http://dmercer.tumblr.com" target="_blank">http://dmercer.tumblr.com</a><br>IM: AIM: MathHippy Yahoo/MSN: n0tmusic<br>
Facebook/Twitter/Google+/Linkedin: radix42<br>FAX: +1-801-877-4351 - BlackBerry PIN: 332004F7<div>PGP Public Key: <a href="http://davidmercer.nfshost.com/radix42.pubkey.txt" target="_blank">http://davidmercer.nfshost.com/radix42.pubkey.txt</a></div>
<div>Fingerprint: A24F 5816 2B08 5B37 5096 9F52 B182 3349 0F23 225B</div></div><br>