Re: [arch-d] Off topic [was: IAB Statement on Encryption and Mandatory Client-side Scanning of Content]

Phillip Hallam-Baker <phill@hallambaker.com> Wed, 20 December 2023 00:55 UTC

From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Tue, 19 Dec 2023 19:54:46 -0500
Message-ID: <CAMm+LwgQYN9zHiH1MTGvVVB-Tq_mRO9eAKaCmcCJkzdKjqfWMA@mail.gmail.com>
To: Hesham ElBakoury <helbakoury@gmail.com>
Cc: Brian E Carpenter <brian.e.carpenter@gmail.com>, architecture-discuss@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/yWSgc3feIduC6wMVEmExSNi6GBU>
Subject: Re: [arch-d] Off topic [was: IAB Statement on Encryption and Mandatory Client-side Scanning of Content]

If that is the way it works, it does not.

The only cases where anything like that has happened have been nation state
actors getting deep into the supply chain. Cases like Crypto AG.




On Tue, Dec 19, 2023 at 6:13 PM Hesham ElBakoury <helbakoury@gmail.com>
wrote:

> Brian,
> The way it works is described here:
> https://www.nubeva.com/pillar/get-session-keys
>
> Nubeva is in the AWS Marketplace. It is used with AWS VPC:
> https://aws.amazon.com/marketplace/pp/prodview-aex37bzqx6hxi
>
> Hesham
>
> On Tue, Dec 19, 2023, 2:00 PM Brian E Carpenter <
> brian.e.carpenter@gmail.com> wrote:
>
>> Hesham,
>> On 19-Dec-23 11:59, Hesham ElBakoury wrote:
>>
>> > Nubeva has developed technology to extract TLS keys to be used by 3rd
>> > party tools to decrypt and inspect the traffic [
>> > https://www.nubeva.com/hubfs/Downloadables/Nubeva%20SSL%20Solution%20Brief_Nov%202019.pdf
>> > ].
>> >
>> > Would this violate client privacy?
>> >
>>
>> I may be missing something, but I don't understand how this product could
>> work unless the "Sensor" component is configured with the server's private
>> keys. Is that correct?
>>
>>     Brian
>>