Re: [Uta] E-Mail Protocol Security Measurements

* Viktor Dukhovni <ietf-dane@xxxxxxxxxxxx> [28/07/2015 01:16:50] wrote:
> On Mon, Jul 27, 2015 at 03:17:52PM +0200, Aaron Zauner wrote:
> 
> > https://www.ietf.org/proceedings/93/slides/slides-93-saag-2.pdf
> > 
> >  * RC4 support is at about 83-85%
> >  * unsurprisingly TLS 1.0 is most widely supported
> >  * ~60% of certificates are self-signed
> >  * a huge number of servers offer AUTH PLAIN (some without STARTTLS)
> >  * ECDH: most use 256bit group size
> 
> No surprises in the above.
> 

Yep, we didn't expect anything else. This is also consistent with
reports we've seen from E-mail Service Providers and universities.

> >  * 512bit DH(E) primes are very common
> 
> With export ciphers, or with non-export ciphers?  I would expect
> non-export ciphersuites to be accompanied by stronger DHE primes,
> with 512-bit DHE primarily used with export ciphers.  Do you have
> a break-down?
> 

I'll provide a detailed mapping in the coming days.

> >  * RC2-CBC-MD5 is supported by 40% of SMTP servers we've studied,
> 
> This looks implausible; I've not seen it once in SMTP connection
> logs.  Slide 8 even mentions this "preferred" by ~25% of servers.
> Preferred to what?
> 
> This is an SSL 2.0 ciphersuite, and OpenSSL will never choose it
> unless the selected protocol is SSL 2.0.  And indeed it is by
> default the most preferred ciphersuite if you force SSL 2.0.
> 
> But SSLv2-only servers are VERY rare (at least for SMTP); the above
> datapoint is at least misleading.
> 
> >  * IDEA-CBC-MD5 by 14%
> 
> This is also SSLv2 only.
> 

Yes, these are exclusive SSLv2 cipher-suites. With about 40% of SMTP
servers still supporting SSLv2 this seems to be correct. Note that
these are not measurements of how many mail servers do actually
establish connections on these protocols, it's just a figure of
support for protocols/cipher-suites. That wasn't meant to be
misleading, thanks for pointing out that my slides do not explicitly
state the tested protocol version there.

Please keep in mind that these are rough numbers from our initial
aggregation of data in the data-sets we've collected, not a paper.

Aaron
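The two points argued above, that an "RC2-CBC-MD5 supported by 40%" figure measures protocol support rather than what is negotiated in practice, and that 512-bit DHE primes should be broken down by export versus non-export ciphersuite, are illustrated by the following aggregation script. It is an added example, not code from the thread or from the study's data pipeline; the hosts and scan rows in `SCAN` are constructed, and the `Offer` record shape, the `EXP-` prefix test for export suites and the `dh_bits` field are assumptions about how a scanner might log its results.

```python
from collections import Counter, defaultdict
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional


@dataclass(frozen=True)
class Offer:
    """One (host, protocol, ciphersuite) combination the scanner found accepted.

    A row means "the server accepted this suite when the client forced this
    protocol"; it says nothing about what real MTAs negotiate with the host.
    """
    host: str
    protocol: str                   # "SSLv2", "SSLv3", "TLSv1.0", ...
    suite: str                      # OpenSSL cipher name
    dh_bits: Optional[int] = None   # DHE prime size, only for (E)DH suites


# Constructed sample (hypothetical hosts, not data from the study).
SCAN: List[Offer] = [
    Offer("mx1.example", "TLSv1.0", "AES128-SHA"),
    Offer("mx1.example", "TLSv1.0", "EDH-RSA-DES-CBC3-SHA", 1024),
    Offer("mx1.example", "TLSv1.0", "EXP-EDH-RSA-DES-CBC-SHA", 512),
    Offer("mx1.example", "SSLv2", "RC2-CBC-MD5"),
    Offer("mx1.example", "SSLv2", "IDEA-CBC-MD5"),
    Offer("mx2.example", "TLSv1.0", "AES128-SHA"),
    Offer("mx2.example", "TLSv1.0", "DHE-RSA-AES128-SHA", 512),   # non-export, weak prime
    Offer("mx2.example", "SSLv2", "RC2-CBC-MD5"),
    Offer("mx3.example", "TLSv1.0", "AES128-SHA"),
    Offer("mx3.example", "TLSv1.0", "DHE-RSA-AES256-SHA", 2048),
    Offer("mx4.example", "TLSv1.0", "RC4-MD5"),
    Offer("mx4.example", "TLSv1.0", "EXP-EDH-RSA-DES-CBC-SHA", 512),
    Offer("mx5.example", "TLSv1.0", "AES256-SHA"),
    Offer("mx5.example", "TLSv1.0", "DHE-RSA-AES128-SHA", 1024),
]

# Ciphersuites that exist only in SSL 2.0 (the two named in the thread).
SSLV2_ONLY_SUITES = {"RC2-CBC-MD5", "IDEA-CBC-MD5"}


def hosts(records: List[Offer]) -> set:
    return {r.host for r in records}


def support_rate(records: List[Offer], predicate: Callable[[Offer], bool]) -> float:
    """Fraction of scanned hosts with at least one accepted offer matching predicate.

    This is a *support* figure: a host counts once no matter how many rows match,
    and nothing here says the suite is ever chosen in a real handshake.
    """
    matching = {r.host for r in records if predicate(r)}
    return len(matching) / len(hosts(records))


def suite_support(records: List[Offer], suite: str) -> float:
    return support_rate(records, lambda r: r.suite == suite)


def protocol_support(records: List[Offer], protocol: str) -> float:
    return support_rate(records, lambda r: r.protocol == protocol)


def is_export(suite: str) -> bool:
    # Assumption: OpenSSL names export-grade suites with an "EXP-" prefix.
    return suite.startswith("EXP-")


def dhe_breakdown(records: List[Offer]) -> Dict[str, Counter]:
    """Count distinct (host, prime size) pairs for DHE suites, split export vs non-export.

    A 512-bit prime under an export suite is expected; the same prime under a
    non-export suite is the case worth flagging in the report.
    """
    seen = defaultdict(set)
    for r in records:
        if r.dh_bits is None:
            continue
        cls = "export" if is_export(r.suite) else "non-export"
        seen[cls].add((r.host, r.dh_bits))
    return {cls: Counter(bits for _, bits in pairs) for cls, pairs in seen.items()}


def sslv2_suite_misattributed(records: List[Offer]) -> List[Offer]:
    """Data-quality check: an SSLv2-only suite logged under any other protocol
    cannot have been negotiated; such rows point at a scanner or logging bug."""
    return [r for r in records
            if r.suite in SSLV2_ONLY_SUITES and r.protocol != "SSLv2"]


def report(records: List[Offer]) -> None:
    print(f"hosts scanned:          {len(hosts(records))}")
    print(f"SSLv2 support:          {protocol_support(records, 'SSLv2'):.0%}")
    for suite in sorted(SSLV2_ONLY_SUITES):
        print(f"{suite:<24}{suite_support(records, suite):.0%}  (SSLv2 forced)")
    for cls, counts in dhe_breakdown(records).items():
        print(f"DHE {cls:<11}" + ", ".join(f"{b}-bit x{n}" for b, n in sorted(counts.items())))
    bad = sslv2_suite_misattributed(records)
    print(f"misattributed SSLv2 rows: {len(bad)}")


if __name__ == "__main__":
    report(SCAN)
```

On the constructed sample the script reports 40% SSLv2 support and 40% RC2-CBC-MD5 support, which is exactly the coincidence the thread discusses: the suite figure tracks protocol support because the suite is reachable only when SSLv2 is forced. The DHE breakdown separates the expected 512-bit primes under `EXP-` suites from the one host offering a 512-bit prime with a non-export suite, which is the row a defender would want to see called out.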
