idnits 2.17.1

draft-ietf-curdle-rc4-die-die-die-05.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  -- The abstract seems to indicate that this document updates RFC4253, but
     the header doesn't have an 'Updates:' line to match this.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == The document seems to lack the recommended RFC 2119 boilerplate, even if
     it appears to use RFC 2119 keywords -- however, there's a paragraph with
     a matching beginning. Boilerplate error?

     (The document does seem to have the reference to RFC 2119 which the
     ID-Checklist requires).

  -- The document date (January 10, 2018) is 2298 days in the past.  Is this
     intentional?

  Checking references for intended status: Best Current Practice
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: 'RFC6151' is defined on line 130, but no explicit
     reference was found in the text

  == Unused Reference: 'RFCxxxx' is defined on line 145, but no explicit
     reference was found in the text

     Summary: 0 errors (**), 0 flaws (~~), 4 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

1    Internet Engineering Task Force (IETF)                         L. Camara
2    Internet-Draft                                          January 10, 2018
3    Obsoletes: 4345
4    Updates: 4253
5    Intended Status: Best Current Practice
6    Expires: July 14, 2018

8                    Depreciating RC4 in Secure Shell (SSH)
9                     draft-ietf-curdle-rc4-die-die-die-05

11      [[RFC-Editor: please replace the second character of my surname by
12      U+00E2 when publishing as RFC in the header and in all pages.
13      Non-ASCII characters are allowed in RFCs as per RFC 7997.]]

15   Abstract

17      This document deprecates RC4 in Secure Shell (SSH).  Therefore, this
18      document updates RFC 4253, and formally obsoletes and moves to
19      Historic RFC 4345.

21   Status of This Memo

23      This Internet-Draft is submitted in full conformance with the
24      provisions of BCP 78 and BCP 79.

26      Internet-Drafts are working documents of the Internet Engineering
27      Task Force (IETF).  Note that other groups may also distribute
28      working documents as Internet-Drafts.  The list of current Internet-
29      Drafts is at http://datatracker.ietf.org/drafts/current/.

31      Internet-Drafts are draft documents valid for a maximum of six months
32      and may be updated, replaced, or obsoleted by other documents at any
33      time.  It is inappropriate to use Internet-Drafts as reference
34      material or to cite them other than as "work in progress."

36      This Internet-Draft will expire on July 14, 2018.

38   Copyright Notice

40      Copyright (c) 2017 IETF Trust and the persons identified as the
41      document authors.  All rights reserved.

43      This document is subject to BCP 78 and the IETF Trust's Legal
44      Provisions Relating to IETF Documents
45      (http://trustee.ietf.org/license-info) in effect on the date of
46      publication of this document.  Please review these documents
47      carefully, as they describe your rights and restrictions with respect
48      to this document.  Code Components extracted from this document must
49      include Simplified BSD License text as described in Section 4.e of
50      the Trust Legal Provisions and are provided without warranty as
51      described in the Simplified BSD License.

53   Table of Contents

55      1. Introduction
56      2. Why obsolete and move to Historic RFC 4345
57      3. Updates to RFC 4253
58      4. IANA Considerations
59      5. Security Considerations
60      6. Acknowledgements
61      7. References
62      7.1. Normative References
63      7.2. Informative References
64      8. Author's Address

66   1. Introduction

68      RC4 is extremely weak [RFC6649] [RFC7457] [RFC7465] and this document
69      deprecates its use in all IETF protocols, including Kerberos and
70      Secure Shell (SSH).  The reasons for obsoleting RFC 4345 are
71      discussed in Section 2.  The updates to RFC 4253 and the reasons for
72      doing them are specified in Section 3.

74      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
75      "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
76      document are to be interpreted as described in
77      BCP 14 [RFC2119, RFC8174] when, and only when, they appear in all
78      capitals, as shown here.

80   2. Why obsolete and move to Historic RFC 4345

82      RFC 4345 defines the "arcfour-128" and "arcfour-256" modes for Secure
83      Shell (SSH), and is obsoleted and moved to Historic as RC4 is
84      extremely weak [RFC6649, RFC7457] and there is research that is at
85      least 5 years old that totally breaks all practical usage of
86      RC4 [RFC6649].

88   3. Updates to RFC 4253

90      RFC 4253 is updated to note the deprecation of arcfour.

92      The last sentence of the paragraph on RC4 (called "arcfour"
93      in [RFC4253]) in Section 6.3 of [RFC4253] should read: "Arcfour (and
94      RC4) are extremely weak [RFC7457] and therefore it MUST NOT be used."

96      An informative reference to RFC 7457 is to be added to [RFC4253].

98   4. IANA Considerations

100     IANA may need to take action as the status for RC4 and 3DES
101     algorithms for Secure Shell (SSH) is changed by this document
102     (see Section 3, which updates [RFC4253]).

104  5. Security Considerations

106     This document deprecates RC4, which is obsolete cryptography;
107     several attacks that render it useless have been published
108     [RFC6649] [RFC7457] [RFC7465].

110  6. Acknowledgements

112     Thanks to the numerous authors who have shown the weaknesses of
113     RC4 throughout the years.

115  7. References

117  7.1. Normative References

119     [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
120               Requirement Levels", BCP 14, RFC 2119, March 1997.

122     [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in
123               RFC 2119 Key Words", BCP 14, RFC 8174, May 2017.

125  7.2. Informative References

127     [RFC4253] Ylonen, T., and C. Lonvick, Ed., "The Secure Shell (SSH)
128               Transport Layer Protocol", RFC 4253, January 2006.

130     [RFC6151] Turner, S., and L. Chen, "Updated Security Considerations
131               for the MD5 Message-Digest and the HMAC-MD5 Algorithms",
132               RFC 6151, March 2011.

134     [RFC6649] Hornquist Astrand, L. and T. Yu, "Deprecate DES, RC4-HMAC-
135               EXP, and Other Weak Cryptographic Algorithms in Kerberos",
136               BCP 179, RFC 6649, July 2012.

138     [RFC7457] Sheffer, Y., Holz, R., and P. Saint-Andre, "Summarizing
139               Known Attacks on Transport Layer Security (TLS) and
140               Datagram TLS (DTLS)", RFC 7457, February 2015.

142     [RFC7465] Popov, A., "Prohibiting RC4 Cipher Suites", RFC 7465,
143               February 2015.

145     [RFCxxxx] Kaduk, B., and M. Short, "Deprecate 3DES and RC4 in
146               Kerberos", draft-ietf-curdle-des-des-des-die-die-die-05,
147               Work in Progress.

149     [[RFC-Editor: please replace the 'i' in my name by U+00ED and the
150     first 'a' in the surname by U+00E2, as non-ASCII characters are
151     allowed as per RFC 7997]]

153  11. Author's Address

155     Luis Camara

157     EMail: