Re: [Atlas] Status Update

Abhijan Bhattacharyya <abhijan.bhattacharyya@tcs.com> Tue, 19 June 2018 13:29 UTC

From: Abhijan Bhattacharyya <abhijan.bhattacharyya@tcs.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
Cc: "atlas@ietf.org" <atlas@ietf.org>
Message-ID: <OF2AB8BDA9.34065D36-ON652582B1.00498E9D-652582B1.00498EA3@tcs.com>
Date: Tue, 19 Jun 2018 18:53:26 +0530
Archived-At: <https://mailarchive.ietf.org/arch/msg/atlas/EfORoiHp3tWlDb3UDzsE4eDEqyE>
List-Id: Application Transport LAyer Security <atlas.ietf.org>

Hello Hannes,
Thanks for the update. The revised charter looks good. So what can we expect in Montreal? Do we expect another attempt towards a BoF?
I have a view against the particular observation of low activities in the mailing list. I think what ATLAS is trying to do is to collect and coordinate between different relevant stray proposals (which may have already been worked out) under a single consolidated standardization effort. So, the activities are waiting at a threshold of a coordinated future progress. But, more activities in this list are definitely a proposition to establish the point of interest for the IETF community.

With Best Regards
Abhijan Bhattacharyya
Associate Consultant
Scientist, TCS Research
Tata Consultancy Services
Building 1B,Ecospace
Plot -  IIF/12 ,New Town, Rajarhat,
Kolkata - 700160,West Bengal
India
Ph:- 033 66884691
Cell:- +919830468972
Mailto: abhijan.bhattacharyya@tcs.com
Website: http://www.tcs.com

-----"Atlas" <atlas-bounces@ietf.org> wrote: -----
To: "atlas@ietf.org" <atlas@ietf.org>
From: Hannes Tschofenig 
Sent by: "Atlas" 
Date: 06/08/2018 05:14PM
Subject: [Atlas] Status Update

Hi all,
 
Owen and I submitted another BoF proposal to the IESG based on the feedback from the last IETF meeting.
 
Here is the most recent charter text we came up with:
---
There are multiple scenarios where clients and servers need to negotiate shared encryption keys and establish secure, authenticated, integrity-protected, end-to-end encrypted sessions at the application layer over untrusted transport. There is a proliferation of transport protocols and mechanisms in use today across web and IoT use cases including, but not limited to, TCP, UDP, IP, Bluetooth and Zigbee. Additionally, network topologies often include middleboxes and proxies that terminate transport layer connections from clients and re-originate new transport layer connections towards the servers. From the clients' and servers' perspective, these transport layer proxy functions are untrusted and application data must be protected and encrypted, and not exposed to these proxies. There are multiple potential mechanisms that could be considered for negotiation of encryption keys, and establishment of end-to-end encrypted sessions at the application layer between clients and servers, and this working group proposes use of existing (D)TLS protocols and stacks.
 
This working group proposes reuse of (D)TLS at the application layer as a simple and straightforward means of achieving the security and implementation goals. The primary purpose of the working group is to develop specifications defining how (D)TLS can be leveraged at the application layer (i.e. Application Layer TLS or ATLS) to establish end-to-end encrypted sessions over a multitude of different transports.
 
Additionally, during development of ATLS specifications, the working group will consider and address concerns such as:
 
o complex, multi-hop and lossy transport topologies
o (D)TLS record fragmentation at the transport layer
o middlebox operators whose goals include interception of application layer data
 
The working group will engage with other relevant working groups across the Applications and Real-Time Area (art), Security Area (sec) and Transport Area (tsv), and one of the goals of this working group is to explicitly identify all related working groups that must be consulted during ATLS specifications development.
---
 
There do not seem to be minutes available from the IESG/IAB BoF discussions and how they reached their conclusions. So, we can only report what has been told to us by proxy.
 
In any case, the IESG rejected the BoF proposal.
 
The impression from the IESG was that the Bar BOF in London produced mixed feelings and that there was no activity on the list afterwards.
Another comment was that the required standardization effort is too small to justify the setup of an entire working group.
 
At first, this sounds a bit negative. On the other hand, we have two implementations right now. While they need to be polished I believe this is something we could go forward with.
 
Ciao
Hannes
 