Re: [arch-d] Off topic [was: IAB Statement on Encryption and Mandatory Client-side Scanning of Content]

Brian E Carpenter <> Wed, 20 December 2023 04:19 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 0D430C239605 for <>; Tue, 19 Dec 2023 20:19:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.194
X-Spam-Status: No, score=-1.194 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, LOTS_OF_MONEY=0.001, NICE_REPLY_A=-0.091, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 2SIWySrwAaQj for <>; Tue, 19 Dec 2023 20:19:23 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4864:20::436]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by (Postfix) with ESMTPS id 038C2C14CE44 for <>; Tue, 19 Dec 2023 20:19:22 -0800 (PST)
Received: by with SMTP id d2e1a72fcca58-6d741fb7c8eso2892861b3a.2 for <>; Tue, 19 Dec 2023 20:19:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20230601; t=1703045962; x=1703650762;; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=J1goAP6GEJch4TBDT0gdmMhXVUzJcEjTMJlXE4fNB4w=; b=fqgwj3UG0ka8vRm1P+DWaxozefAXamm2v+LA6pLbEISIB1FVPQDECh1qOfesITLYIc OMDAdsGmdf12crVPx6F/KBcblvnd2EpK6yTy+3bXuawsE72ygIlITtjSYLDyVZeWE4Go qikqUc9sxVWiQ6ZsA3c3FiRPZqZR0bWjVbQuDM4X4bB8zEY4IiE7bl6aRKfG5lrYHeGs CRKNMYeDoC0rRHD48xsRRSa94lR9KvO3/m77XkypYD86/Dme8k8mGNAzX98W0m278C/g RuZuZcXWGn3iZcF0Wv0cNvQaPFOGXGgPSjQWivFRQwseHEEocnrW3MJfKYA0DIDStkBy ieoA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20230601; t=1703045962; x=1703650762; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=J1goAP6GEJch4TBDT0gdmMhXVUzJcEjTMJlXE4fNB4w=; b=csQdmrxPP1SrYqHfkVpM1RchUeM5SOIEf5eHaOXuOaxPN+1wKw46+WSjWWOiyoCt+j Xmac1wzvgAS9mlJouWljHipF90TaVOs77aOxeObs+OTZ4wDZHaMmeDIQYBV5QIB+n/sy OVS1WN7AUZjON918rOUKaAu2R/2s1SmOwUZb47qvrWTcbwC43ekdB51IyE89e9Eu3Fu3 6AXNp7+2FsalLTdNi1gZH/FxuAcUCwnT3wpdqddFwLfLPsKp5ybhbHYw5lemRE5asjsD 8L3mdfXZxSpZf+jtQWZVHkEPDiBUkn+6vL7ACZ1YPrUFiXQfHPtDauwewUC+QrTcrMzD VD4g==
X-Gm-Message-State: AOJu0YznCTHjvo17xlpttR26TKTRQZKQT9LkQd/klBn2tcNMkiULlswK Yr1gfGmhCgw2SuAH3C8awdM=
X-Google-Smtp-Source: AGHT+IEq1xgg9Y92pt8T7XJG/6RBCh5RQ0u3Vhswfajan29o95gDlYNgAJnEBkXCzTR/wsUNs9LtKg==
X-Received: by 2002:aa7:9243:0:b0:6d9:447a:963a with SMTP id 3-20020aa79243000000b006d9447a963amr818321pfp.34.1703045962170; Tue, 19 Dec 2023 20:19:22 -0800 (PST)
Received: from ?IPV6:2404:4400:541d:a600:44b7:2c2e:2bc6:8707? ([2404:4400:541d:a600:44b7:2c2e:2bc6:8707]) by with ESMTPSA id u4-20020a62d444000000b006d95eb50a2csm135457pfl.192.2023. (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 19 Dec 2023 20:19:21 -0800 (PST)
Message-ID: <>
Date: Wed, 20 Dec 2023 17:19:15 +1300
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.10.0
Content-Language: en-US
To: Phillip Hallam-Baker <>
Cc:, Hesham ElBakoury <>
References: <> <> <CWXP265MB5153610FBB98A7B06AF81040C290A@CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM> <> <CWXP265MB515381523714FF99524410CFC290A@CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM> <> <> <02ae01da31f2$80580630$81081290$> <> <> <> <> <>
From: Brian E Carpenter <>
In-Reply-To: <>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: base64
Archived-At: <>
Subject: Re: [arch-d] Off topic [was: IAB Statement on Encryption and Mandatory Client-side Scanning of Content]
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 20 Dec 2023 04:19:27 -0000

On 20-Dec-23 13:54, Phillip Hallam-Baker wrote:
> If that is the way it works, it does not.

If the user doesn't have to configure it with their private keys, the only way it can work is by inserting itself in code paths inside the TLS implementation.

> The only cases where anything like that has happened have been nation state actors getting deep into the supply chain. Cases like Crypto AG.

If what they are doing is using a virus-like technique to hot patch compiled open source code, I don't think you can say they're *in* the supply chain.

After a brief search, the relevant patent appears to be US11805107. It uses the word "instrument" in a context where most of us would use "infect", e.g. when discussing "instrumenting" /usr/lib/ to extract keys.

Certainly, this subverts the purpose of TLS, by subverting the host implementation. So, not a protocol issue. However, it means that users cannot know whether their encrypted session is being read by their friendly web service provider, possibly under government orders.

For example, it appears that any AWS service you use might be affected:


> On Tue, Dec 19, 2023 at 6:13 PM Hesham ElBakoury < <>> wrote:
>     Brian,
>     The way it works is described here:
> <>
>     Nubeva is in AWS market place. It is used with AWS VPC:
> <>
>     Hesham
>     On Tue, Dec 19, 2023, 2:00 PM Brian E Carpenter < <>> wrote:
>         Hesham,
>         On 19-Dec-23 11:59, Hesham ElBakoury wrote:
>          > Nubeva has developed technology to extract TLS keys to be used by 3rd party tools to decrypt and inspect the traffic [ <>].
>          >
>          > Would this violates client privacy?
>          >
>         I may be missing something, but I don't understand how this product could work unless the "Sensor" component is configured with the server's private keys. Is that correct?
>              Brian
>     _______________________________________________
>     Architecture-discuss mailing list
> <>
> <>