IETF Logo Mail Archive

Re: [Atlas] Application Transport LAyer Security (ATLAS) Charter Text

Carsten Bormann <cabo@tzi.org> Fri, 02 February 2018 05:00 UTC

Return-Path: <cabo@tzi.org>
X-Original-To: atlas@ietfa.amsl.com
Delivered-To: atlas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46509127342 for <atlas@ietfa.amsl.com>; Thu, 1 Feb 2018 21:00:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jfA_o0lz-zMX for <atlas@ietfa.amsl.com>; Thu, 1 Feb 2018 21:00:46 -0800 (PST)
Received: from mailhost.informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AC7F51200C5 for <atlas@ietf.org>; Thu, 1 Feb 2018 21:00:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de
Received: from submithost.informatik.uni-bremen.de (submithost.informatik.uni-bremen.de [134.102.201.11]) by mailhost.informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id w1250dSA004217; Fri, 2 Feb 2018 06:00:40 +0100 (CET)
Received: from client-0214.vpn.uni-bremen.de (client-0214.vpn.uni-bremen.de [134.102.107.214]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by submithost.informatik.uni-bremen.de (Postfix) with ESMTPSA id 3zXlDR4zT5zDXMG; Fri, 2 Feb 2018 06:00:39 +0100 (CET)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <AM4PR0801MB2706895905D2634096D4A11BFAEC0@AM4PR0801MB2706.eurprd08.prod.outlook.com>
Date: Fri, 02 Feb 2018 06:00:38 +0100
Cc: "atlas@ietf.org" <atlas@ietf.org>
X-Mao-Original-Outgoing-Id: 539240437.444543-65de53e22aa2667fc073edf99a495c0e
Content-Transfer-Encoding: quoted-printable
Message-Id: <548BB4CB-78F1-4CA8-92D6-E7174D8B1D8A@tzi.org>
References: <AM4PR0801MB2706895905D2634096D4A11BFAEC0@AM4PR0801MB2706.eurprd08.prod.outlook.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
X-Mailer: Apple Mail (2.3445.5.20)
Archived-At: <https://mailarchive.ietf.org/arch/msg/atlas/qQKG_YsNwMQ4ui8XKbeU2K2FHmk>
Subject: Re: [Atlas] Application Transport LAyer Security (ATLAS) Charter Text
X-BeenThere: atlas@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Application Transport LAyer Security <atlas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/atlas>, <mailto:atlas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/atlas/>
List-Post: <mailto:atlas@ietf.org>
List-Help: <mailto:atlas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/atlas>, <mailto:atlas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Feb 2018 05:00:48 -0000

Hannes,

I have read the charter and I must admit that I have no idea what this WG would actually do.

TLS has been used in applications for a long time.  Let me take EAP-TTLS (and EAP-TLS) as an example for that to make my point more concrete.

With EAP-TTLS, one problem to be solved was the embedding of TLS in the specific application protocol (here, the application is network access control, but it is still an application).  Each such embedding will be specific to the application protocol; I have no idea what a generic embedding would look like.  This can be done only per embedding.  In any case, the charter does not discuss this, or which embeddings would be done.

The other aspect is that the application will need specific semantics from the security protocol.  For EAP-TTLS, the semantics was about secure (protected) access to a server.  The existing PKI worked reasonably well for this.  Ditto for EAP-TLS, with the addition of client certificates (which never were picked up very much in practice, something we maybe can learn from).

Other applications won't be about protected access to servers.  PKI won't do it.  I don't understand the optimism that believes that, since TLS is a fine security protocol, it will adapt to new security objectives without a hitch.  Actually, in practice, this is where security protocols fail quite often, and we will get a lot of insecure "application security" protocols on top of a "secure" TLS kernel.  The charter does not mention applications, and it does not say how an application would obtain the TLS extensions or other mechanisms to address its security objectives.  This can be done only per application.  The charter does not discuss this, or which applications would be done.  In any case, that work should include domain experts for the specific applications, so a TLS-minded WG may not be the best place to do it.

So, in summary, while TLS is a fine hammer, we won't be able to declare success by simply assuming the rest of the world to be nails.
Google's ALTS is a nice example of what you can achieve when you have a good set of building blocks to build specific signed claims that are actually reflecting the application security semantics.  Of course, the specific ALTS protocol is tailored to Google’s application environment; what we need to do first in the IETF is focus on how to offer these building blocks.  The reuse of TLS may or may not in the end help here, but pretty much is a diversion from solving the real problems.

Grüße, Carsten

v2.23.0 | Report a Bug | By Email