Re: [dane] [saag] Need better opportunistic terminology

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 12 March 2014 17:04 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4D2081A048A; Wed, 12 Mar 2014 10:04:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.447
X-Spam-Level:
X-Spam-Status: No, score=-2.447 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.547] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VDkYb5asc69J; Wed, 12 Mar 2014 10:04:07 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id 5F7B81A0381; Wed, 12 Mar 2014 10:04:07 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 05402BE54; Wed, 12 Mar 2014 17:04:01 +0000 (GMT)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7kz4QkdFcQMq; Wed, 12 Mar 2014 17:04:00 +0000 (GMT)
Received: from [134.226.36.180] (stephen-think.dsg.cs.tcd.ie [134.226.36.180]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id CF68BBE56; Wed, 12 Mar 2014 17:04:00 +0000 (GMT)
Message-ID: <53209382.3070809@cs.tcd.ie>
Date: Wed, 12 Mar 2014 17:04:02 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: Joe Touch <touch@isi.edu>, Stephen Kent <kent@bbn.com>, dane@ietf.org, saag <saag@ietf.org>
References: <CAMm+LwjF9To+w3K4RR=72BbLNE2hJa9CibWOEARYmODiuFNu9g@mail.gmail.com> <082D04F9-DBB4-4492-BE91-C4E3616AC24D@isi.edu> <531F85D5.2070209@bbn.com> <531F8A53.1040103@isi.edu> <53206293.8020907@bbn.com> <5320900C.2030007@isi.edu>
In-Reply-To: <5320900C.2030007@isi.edu>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/dane/pSd7zkKDeaBU-OKr-mxl-kP99BQ
Subject: Re: [dane] [saag] Need better opportunistic terminology
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Mar 2014 17:04:15 -0000

(again, I'd suggest one list for this if we can and the
UTA wg list, but hopefully that'll settle down when there's
an I-D, and since I'm not the boss of us anyway...:-)

On 03/12/2014 04:49 PM, Joe Touch wrote:
> Steve (et al.),
> 
> On 3/12/2014 6:35 AM, Stephen Kent wrote:
>> Joe,
>>
>>> ...
>>>> with that definition of the term, which is IPsec-specific.
>>>
>>> I'm not quite sure what term or what definition you're referring to:
>>> OE, anonymous encryption, or unauthenticated key exchange. Can you
>>> clarify?
>>
>> OE. I argue that OE is defined only for IPsec, because the definition
>> focuses on how to
>> avoid the need to coordinate SPD entries at each end.
> 
> Agreed.
> 
>>>> I have
>>>> suggested "opportunistic keying" as a preferred term, since its the
>>>> key management, not the encryption per se, that distinguishes other
>>>> proposed modes of operation for IPsec, TLS, etc.
>>>
>>> I agree if you're replacing OE with OK ;-)
>>
>> yeah, I like OK (and I like IKE too, for those of us old enough to
>> appreciate that election slogan)
> 
> I'm still a little hesitant, thinking on it further, about the term
> "opportunistic" in this sense at all.

I do think we want to define that term even if we do not
want to encourage its use. It is being used and with
subtly different meanings by different folks.

> 
> BTNS uses unsigned key exchanged, and there's nothing "opportunistic"
> about it. Unsigned authentication is the goal from the start.
> 
> OE as defined in RFC 4322 isn't about using unsigned key exchange; the
> "opportunistic" sense is derived from using keys retrieved from DNS
> without prior agreement. That's not what happens in BTNS.
> 
> Paul just noted:
> "Opportunistic keying does provide authentication, it's just that
> the authentication is only to the public key and is not
> tightly bound to any other type of identification (address, name, etc.)"
> 
> I.e., fundamentally, opportunistic approaches are completely different
> from those that don't ever bother to authenticate. I don't think it's
> useful (and could be confusing) to confuse the two by overlapping
> terminology.
> 
> I don't like the term "optimistic" either; it too implies something that
> you "hope works". There's no "hope" associated with unsigned key
> exchange; you do it (IMO) because you know what it is and you know its
> impact (e.g., raising the bar of an attacker to performing a full key
> exchange, vs. just tossing single packets like RSTs around).
> 
> Is there a reason not to just call unauthenticated key exchange what it
> is - unauthenticated key exchange?

Yes. "authenticated encryption" is a term of art (AEAD etc) and
this would be confusingly close - it'd be inevitable that some
would end up saying unauthenticated encryption and thereby would
confuse the real crypto folks.

I like the OK term myself and would be happy if we landed on
encouraging its use, based on a good definition.

But I'm fine if we end up calling it squiggle, so long as we
all end up calling the same "it" that.

> 
> If you want something pithy, maybe "Zero-ID security"?

Too close to zero-touch (which is not ad-hominem, but is
a term being used in netconf - Joe you just *have* to get
involved in that:-)

S.

> 
>>> The breakout group at the STRINT workshop that discussed terminology
>>>> suggested using the term noted above.
>>>
>>> Sorry, but to clarify, which term?
>>
>> OK vs. OE.
> 
> Thanks for the clarification.
> 
> Joe
> 
> _______________________________________________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag
> 
>