Re: [arch-d] Off topic [was: IAB Statement on Encryption and Mandatory Client-side Scanning of Content]

Hesham ElBakoury <helbakoury@gmail.com> Tue, 19 December 2023 23:13 UTC

From: Hesham ElBakoury <helbakoury@gmail.com>
Date: Tue, 19 Dec 2023 15:13:29 -0800
Message-ID: <CAFvDQ9oSa62BG2DBQa72=h4=dB-yHyDtoKdA_9FrtoARKZrU7Q@mail.gmail.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: architecture-discuss@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/IeDoxoE0pXQ62oQWfrgPdQE1_F8>

Brian,
The way it works is described here:
https://www.nubeva.com/pillar/get-session-keys

Nubeva is in the AWS Marketplace. It is used with AWS VPC:
https://aws.amazon.com/marketplace/pp/prodview-aex37bzqx6hxi

Hesham

On Tue, Dec 19, 2023, 2:00 PM Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:

> Hesham,
> On 19-Dec-23 11:59, Hesham ElBakoury wrote:
>
> > Nubeva has developed technology to extract TLS keys to be used by 3rd
> > party tools to decrypt and inspect the traffic [
> > https://www.nubeva.com/hubfs/Downloadables/Nubeva%20SSL%20Solution%20Brief_Nov%202019.pdf
> > ].
> >
> > Would this violate client privacy?
> >
>
> I may be missing something, but I don't understand how this product could
> work unless the "Sensor" component is configured with the server's private
> keys. Is that correct?
>
>     Brian
>