[exim-dev] [Bug 2872] Unable to select ONLY TLSv1.3 CHACHA2…

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: admin
Data:  
Para: exim-dev
Temas antigos: [exim-dev] [Bug 2872] New: Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher
Asunto: [exim-dev] [Bug 2872] Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher
https://bugs.exim.org/show_bug.cgi?id=2872

--- Comment #6 from help@??? ---
One has to think of TLS 1.3 as a completely new protocol. Apart from its name,
it has nothing in common with TLS 1.2 anymore. Not only are the cipher names
completely new, but also the entire handshake structure of TLS 1.3 is faster.
At its conception, there were even discussions if it should be named TLS 2.0
instead of TLS 1.3 because the changes were so fundamental.

In terms of ciphers, there are only generic names available anymore with a
general description of what algorithm and its hashing strength. Gone are the
days, where one has to define the type of DH exchange (DH, DHE or ECDHE) or
type of certificate (DSA, RSA or ECDSA) within a cipher but instead one
'generic name' per cipher is defined and the library - in this case OpenSSL -
handles the rest.

There can't be any version downgrade-ability, simply because the information in
a 'generic TLS 1.3 ciphersuite name' does not contain the information needed
for a specific TLS 1.2 cipher. There is no such thing as "the same cipher" for
TLS 1.2 and 1.3 or vice versa. And that is just on the cipher side. The
handshake is different too, which makes the prospect a complete
interchangeability even "more impossible".

TLS 1.3 has 'nothing' to do with TLS 1.2 anymore. They are like siblings but
from different parents, so to speak.

A simple but great rule to help throughout this confusion is the question:
Would this kind of outcome considered to be good/right/expected, if TLS 1.3 is
the only version (ever) existing. If the answer is yes, then everything works
as expected. Even if TLS 1.2 is around or beside.

In case of the TLS 1.3 issue mentioned before: Would a TLS 1.3 connection
termination because of a cipher-mismatch considered to be good/right/expected,
if TLS 1.3 is the only version (ever) existing? Yes, absolutely. Therefore
everything works as expected. TLS 1.2 has absolutely nothing to do with this
anymore.

I hope this could clear up some misconceptions.

--
You are receiving this mail because:
You are on the CC list for the bug.