crypto/tls: make 3DES opt-in

[McFacePunch]

Proposal

I propose the removal of 3DES support for TLS, the cipher has been deprecated by NIST since 2017 and Microsoft since 2018 .

This is not an urgent issue but goes a long way to helping Golang meet a default level of security that is up to date with modern standards and would even pass most audits. Specifically ECDHE-RSA-DES-CBC3-SHA is the last remaining cipher in golang that is part of the SWEET32 vulnerability as of v1.22.1.

[Jorropo]

Hello, I see you took the time to follow the long language change template, language changes are meant for things like keywords, syntax, primitive behaviors, ...
I took the liberty to simplify your proposal, to make it easier to read as we usually do for std changes.

In case anyone wants to the see the history you can click on:

edited by Jorropo ↓

on @McFacePunch's first message.

[Jorropo]

After a quick read at the code and CVE-2016-2183 I think both:

go/src/crypto/tls/cipher_suites.go

Lines 288 to 290 in 065c5d2

	// 3DES
	TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
	TLS_RSA_WITH_3DES_EDE_CBC_SHA,

are concerned with the attack, not just ECDHE-RSA-DES-CBC3-SHA.

---

We don't like removing features, for example RC4 is still supported opt-in support (both for go servers and go clients).
Should probably do the same.

---

cc @FiloSottile @rolandshoemaker @golang/security as per https://dev.golang.org/owners

[McFacePunch]

Ah good catch, that would be correct and opt-in sounds perfect.