Re: [hrpc] The IEEE project about TLS
<nalini.elkins@insidethestack.com> Thu, 30 March 2017 03:03 UTC
Return-Path: <nalini.elkins@insidethestack.com>
X-Original-To: hrpc@ietfa.amsl.com
Delivered-To: hrpc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1AB0D12871F for <hrpc@ietfa.amsl.com>; Wed, 29 Mar 2017 20:03:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.696
X-Spam-Level:
X-Spam-Status: No, score=-4.696 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.796] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yahoo.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YOjH5qV6KSGY for <hrpc@ietfa.amsl.com>; Wed, 29 Mar 2017 20:03:12 -0700 (PDT)
Received: from nm23-vm7.bullet.mail.gq1.yahoo.com (nm23-vm7.bullet.mail.gq1.yahoo.com [98.136.217.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3441B1200F1 for <hrpc@irtf.org>; Wed, 29 Mar 2017 20:03:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1490842991; bh=s4VBBzCDJgiUxeo4CGLnaC9zVs8qrsdZr6wBjJlptAY=; h=Date:From:Reply-To:To:Subject:References:From:Subject; b=LdDveyXElq4y1uOTPK1nuo3iTFRFJ8oK4hZ6bnApLbAYY69ai+uyVBvv1/zZV9QhJ53UqfX6wnhTds+96/u7BelGntyH9NJEK9McbVqLM1O+ZNbS6SROquZp2CvwyoGC5VTdQoPy+d3YXj8t99s7L9/hh+3eEOQwRYrbjeSuD7QiQqfMocz0rzHrMYm1VoAJFKxVYubU3NVmjeDk7mf7HSAvkkmS+52HPNDUSubdNAXdabZE2i1719nAfW617CrSSkKq72KrXDr19CYRSW0kubNjm1BPjT4D+rIqsJvVMdyLIp0D3/beucuimMrqtVMbx6uOOA7/9WCSk5gYwSNRUg==
Received: from [98.137.12.190] by nm23.bullet.mail.gq1.yahoo.com with NNFMP; 30 Mar 2017 03:03:11 -0000
Received: from [98.137.12.220] by tm11.bullet.mail.gq1.yahoo.com with NNFMP; 30 Mar 2017 03:03:11 -0000
Received: from [127.0.0.1] by omp1028.mail.gq1.yahoo.com with NNFMP; 30 Mar 2017 03:03:11 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 299500.90763.bm@omp1028.mail.gq1.yahoo.com
X-YMail-OSG: BnYPG0cVM1nPWfAjZ4QC75cwcSRaVx5rcyPWJd8o8Pw1oT25AL4wNICkH3i1qhg HhVZBjok9s3_HzgohoikbPvzF58BjD8eV1OMY2OR6LO0QhXq.h89AYJcFXsV_Ow9EqyaAHNm3332 mwQ_RpOZKdu2HjmgxUU7op2vqQi_SsixY.SvzU8qWFwp5erbtxm9x4KBb9pe7tB8HdRM3huHBVxW SZeDSi2DRxCQT0KE.v5JNqoUPX0J5scRbABvNNBopoamt6mJBEc1yHoqjZejsO9jtP36BVrbaVtR M4.hVLPmi5DnxbaDNOAbr0yhBVvttI.Ot5YZOAxYZ50sXcjJuBgM_wyVBsJxxeuUK8UYmoxkSABu FRQYs7W96nyoZw5c8ttZUUzkHPq_i9AsSQNne4yPs0qhKGT5UudmAqMGApjmzM0Wn1j4JUXyRSks SNICGBBRa58mBe4u65GwoZvm0s7WePDJTyFDRxgYsoIPnUmud6FW7eLPbLOmv3jYTIC_rs0Gc9DR y.oLw3VqiI0Z6snMJ6DGlwrdXoPHnl9z.wCUDBRbRkEnhfYf7kfcx
Received: from jws300053.mail.gq1.yahoo.com by sendmailws145.mail.gq1.yahoo.com; Thu, 30 Mar 2017 03:03:10 +0000; 1490842990.950
Date: Thu, 30 Mar 2017 03:03:10 +0000
From: nalini.elkins@insidethestack.com
Reply-To: nalini.elkins@insidethestack.com
To: hrpc@irtf.org, Stephane Bortzmeyer <bortzmeyer@nic.fr>
Message-ID: <1030102198.8581659.1490842990693@mail.yahoo.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
References: <1030102198.8581659.1490842990693.ref@mail.yahoo.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/hrpc/XpwTy6QfJ0LMXVLiJ0AtOgUUeUk>
Subject: Re: [hrpc] The IEEE project about TLS
X-BeenThere: hrpc@irtf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "niels@article19.org" <hrpc.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/hrpc>, <mailto:hrpc-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hrpc/>
List-Post: <mailto:hrpc@irtf.org>
List-Help: <mailto:hrpc-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/hrpc>, <mailto:hrpc-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Mar 2017 03:03:14 -0000
Does anyone have any ideas about if this is implemented, how widespread, etc? Thanks, Nalini Elkins CEO and Founder Inside Products, Inc. www.insidethestack.com (831) 659-8360 -------------------------------------------- On Wed, 3/29/17, Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote: Subject: [hrpc] The IEEE project about TLS To: hrpc@irtf.org Date: Wednesday, March 29, 2017, 7:39 PM At the plenary, someone said that the IEEE, in one of its working groups, works on a TLS interception solution. He was not sure it was was officially adopted by the IEEE or just discussed. It seems that it is this technical solution: http://mctls.org/ A perfect example of the things we discuss in HRPC about the responsability of the engineers. Not only such "solutions" open possible vulnerabilities in TLS (a protocol which is complicated and sometimes brittle: changes have unintended consequences), but it is also easy to see how it could be used for evil. _______________________________________________ hrpc mailing list hrpc@irtf.org https://www.irtf.org/mailman/listinfo/hrpc
- [hrpc] The IEEE project about TLS Stephane Bortzmeyer
- Re: [hrpc] The IEEE project about TLS nalini.elkins