IETF Logo Mail Archive

Re: [dane] [saag] Need better opportunistic terminology

Joe Touch <touch@isi.edu> Wed, 12 March 2014 17:31 UTC

Return-Path: <touch@isi.edu>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6ABF01A0552; Wed, 12 Mar 2014 10:31:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.447
X-Spam-Level:
X-Spam-Status: No, score=-2.447 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.547] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DwC5JYu8BVxv; Wed, 12 Mar 2014 10:31:25 -0700 (PDT)
Received: from darkstar.isi.edu (darkstar.isi.edu [128.9.128.127]) by ietfa.amsl.com (Postfix) with ESMTP id A717B1A0381; Wed, 12 Mar 2014 10:31:25 -0700 (PDT)
Received: from [128.9.160.166] (abc.isi.edu [128.9.160.166]) (authenticated bits=0) by darkstar.isi.edu (8.13.8/8.13.8) with ESMTP id s2CHUnnG001614 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Wed, 12 Mar 2014 10:30:50 -0700 (PDT)
Message-ID: <532099C9.6060405@isi.edu>
Date: Wed, 12 Mar 2014 10:30:49 -0700
From: Joe Touch <touch@isi.edu>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: Nico Williams <nico@cryptonector.com>
References: <CAMm+LwjF9To+w3K4RR=72BbLNE2hJa9CibWOEARYmODiuFNu9g@mail.gmail.com> <082D04F9-DBB4-4492-BE91-C4E3616AC24D@isi.edu> <531F85D5.2070209@bbn.com> <531F8A53.1040103@isi.edu> <53206293.8020907@bbn.com> <5320900C.2030007@isi.edu> <CAK3OfOim8Ayem0a5havh+j41qF+YGtN=g6zTmvbSo67c90vjBg@mail.gmail.com>
In-Reply-To: <CAK3OfOim8Ayem0a5havh+j41qF+YGtN=g6zTmvbSo67c90vjBg@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
Archived-At: http://mailarchive.ietf.org/arch/msg/dane/2qhLzTv_nqo4bU5ha0InKahyURM
Cc: saag <saag@ietf.org>, dane@ietf.org
Subject: Re: [dane] [saag] Need better opportunistic terminology
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Mar 2014 17:31:31 -0000

On 3/12/2014 10:06 AM, Nico Williams wrote:
> On Wed, Mar 12, 2014 at 11:49 AM, Joe Touch <touch@isi.edu> wrote:
...
>> BTNS uses unsigned key exchanged, and there's nothing "opportunistic" about
>> it. Unsigned authentication is the goal from the start.
>
> For me the goal was to use channel binding at the application layer.

Having unsigned key exchange has two ultimate uses:

	- raising the bar for attacks
		above 'send a RST' but below MITM

	- providing a network-level mechanism that can be linked
	to security at higher layers

App-layer channel binding could be useful for BTNS, or for other 
approaches too (e.g., where a single key protects a set of ports).

> But we never got there: no one seems to care much about end-to-end
> IPsec, sadly.  (Well, it's not that no one cares, but that it's too
> late now; TLS is king.)

TLS still doesn't protect the transport or network layers.

>> OE as defined in RFC 4322 isn't about using unsigned key exchange; the
>> "opportunistic" sense is derived from using keys retrieved from DNS without
>> prior agreement. That's not what happens in BTNS.
>
> Stephen has it right: OE in the RFC4322 sense is about applying
> protection even when SPDs don't agree on this, but it still requires a
> keying infrastructure (i.e., trust paths).

Right, but then "O" isn't quite the right term for security that avoids 
the need for keying infrastructure altogether.

Joe

v2.23.0 | Report a Bug | By Email