IETF Logo Mail Archive

[hrpc] FW: New Version Notification for draft-mattsson-tls-psk-ke-dont-dont-dont-02.txt

John Mattsson <john.mattsson@ericsson.com> Mon, 02 January 2023 09:58 UTC

Return-Path: <john.mattsson@ericsson.com>
X-Original-To: hrpc@ietfa.amsl.com
Delivered-To: hrpc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CC1AFC1516ED for <hrpc@ietfa.amsl.com>; Mon, 2 Jan 2023 01:58:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 09NEeA2Xzw8J for <hrpc@ietfa.amsl.com>; Mon, 2 Jan 2023 01:58:14 -0800 (PST)
Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2073.outbound.protection.outlook.com [40.107.21.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9C8A7C1516E8 for <hrpc@irtf.org>; Mon, 2 Jan 2023 01:58:13 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BPJIt72/0YbHnsDJg4C5P/xw5ZjP6V/ecfoihWcTh46z6sy1WpekudGYZegcGmiTRcfnRnZGFiskiCKytOxpkRQmEdkyIDaoXLT1bT5teb4PN1HbVsayhb+kxaB94igzhV04yEiIrj1ooGW2MsxpLqk+ffpR7+D5KoxITHduL4fOUHVWee7GQlB9l5eJTupGwaoSzkCw3G8LzCxdzGbakOKPQQyEcRLneRMU401IQUWUbXzMVAUrrvNOYmExALDTSoEXc1HYy7XspiBGu8Zvb945OHSBl6/WW2jZDsSNcfzlPDX1AYZGwwOeh4jXnUU1ibGxYxK46NCDGDOTP8mktg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=niZoNDjuCKlxjafr+l5m+Yhfa4Bk61qvpzvxIhzgSYE=; b=BBvxM4UemvjWjW9vXQSBQOAbcFoPZlNdKgy/71kXcd46p9XJlpVKXfMYyXEKFvV+7sJz0WUN6nS0vC6a7B8SVnY+XMZ//y74cwz1yT2NPTWz2CQgJeCjMC4tJtzv7hyOTiTvwGs8VbS/jrT33UbU2+X4mJfFGZUCmJ8O7WlTUoTZwv4AM/J/O7FanKhiy44YKgkE3N5xbyxq/+VZO7M2dh5VADPpmF3lS1s13ncD9CdTpOVS9z+v8IHWG9G0XraUUR/ApoMbiC+QdK26OBKb1Nb3Kxf3Um6AVqzDIHZD7mE4ym+DNiyztarnTzErcZ8sWQ/N26zGOFHV2ZRkNbbR+Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=niZoNDjuCKlxjafr+l5m+Yhfa4Bk61qvpzvxIhzgSYE=; b=KMGz7XWv5acp946l75DNOKRrXTazryHB75mqAxIGQzo0Tmdh6LCcsPIkddyYKxflFebPUstOWVboyih/sRAPTo/EIvk82QLuLzVFB/BYgV13RzCu8mloTefaNYCZSu3+16nnAhKmCcgNzRi9Yl+pL4c8LQjKYo3f0qX6iBN3aqQ=
Received: from HE1PR0701MB3050.eurprd07.prod.outlook.com (2603:10a6:3:4b::8) by DU0PR07MB9639.eurprd07.prod.outlook.com (2603:10a6:10:31a::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5944.19; Mon, 2 Jan 2023 09:58:09 +0000
Received: from HE1PR0701MB3050.eurprd07.prod.outlook.com ([fe80::fc77:42d2:1bc6:ec49]) by HE1PR0701MB3050.eurprd07.prod.outlook.com ([fe80::fc77:42d2:1bc6:ec49%12]) with mapi id 15.20.5944.019; Mon, 2 Jan 2023 09:58:08 +0000
From: John Mattsson <john.mattsson@ericsson.com>
To: "hrpc@irtf.org" <hrpc@irtf.org>
Thread-Topic: New Version Notification for draft-mattsson-tls-psk-ke-dont-dont-dont-02.txt
Thread-Index: AQHZHCtVfhw/LValBEanfMHwPcRhUa6K4U1S
Date: Mon, 02 Jan 2023 09:58:08 +0000
Message-ID: <HE1PR0701MB3050EC4B8C23D6C3A902967789F79@HE1PR0701MB3050.eurprd07.prod.outlook.com>
References: <167238999618.44941.2496293209257158766@ietfa.amsl.com>
In-Reply-To: <167238999618.44941.2496293209257158766@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ericsson.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: HE1PR0701MB3050:EE_|DU0PR07MB9639:EE_
x-ms-office365-filtering-correlation-id: f9319d60-29fd-4407-5cff-08daeca7da07
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 2ScdFM08mav7bjAlUzIk/GO5Fh5DpbsN6kakRhYjRnEBGxgeHrkfSCwI22b3M2G8dsP4JBhc3jDMVUE0VLNHrCnFPyDIzS5IUw/QKjfmOA5YEczX1Dx0uh9/5BYEuBcB/KP4RB/Z7/U4x186ijZOnqGpnjIBTlUJybkXHEWWRf23gqm3b1t2aPG57MCMNHcUQf73PUbrjjkKF0Yk7WrHwdQUpqfWXsB0nFCj0x9vGEeWGVuU5LjK4Hc2UisiS+jS0vIb77APcp/AvqH5dUM3ySU+mj1Gn4xmq0yyBFdeyLq+7qgFok48IsBpBlgb/NhAbsYVYX6JXkLz8MBT7VvtcT8YKSpWhoThhJDsGUt37WOpzvbTcA7uzSVYbIJvfqfrmL85FRgUty7/w4QxDmBC3vVz0A6QOeaY/nJI2rruM0Pl75eVJD4WsGN5k2ysr8FIOCgqlTfP0acXD4MAagQ/LDfS0jaoa6dq9YHhNRgONMWFgqCDCTojNhIn6T0alsWwqgyHzEOK+4bAAxuIXT43xDm46C9w5x1Iaw3X2VHrMuk02OReL5l9yrf38dR0OmpYcJZWIBulEcRe8yq+wsXKRZXZvebF5hc1b9cbxRjrEOQt6UnPszpe+0jXxiD4C+RRQfrED3RA6mInnKlhhPW+GRZqJcOHy/9UPYU0WKfa5mZeL/Q1luWZiEgr1SQDfM62txS4Kt3JqT5+BJUJD6mj0e/Toy+9Q3VEBHPzQe0CUSos9hVA50R0AHJeBc9UZnMUut4UpYPCFnbECiiYJGaprNXG+eaki7DiM/LYfsekEZw6yo8S+aEplipB3Hh3KhaRrNAKP8xLP94GzX6vWEpwwVXXb+7GDUvoLwkvUVFQXuQ=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0701MB3050.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(4636009)(346002)(366004)(136003)(39860400002)(376002)(396003)(451199015)(83380400001)(66574015)(9686003)(26005)(186003)(53546011)(33656002)(55016003)(6506007)(7696005)(38070700005)(86362001)(38100700002)(166002)(82960400001)(122000001)(21615005)(41300700001)(8676002)(66899015)(15650500001)(4001150100001)(5660300002)(2906002)(8936002)(44832011)(966005)(71200400001)(478600001)(52536014)(66946007)(66556008)(66476007)(76116006)(316002)(91956017)(6916009)(64756008)(66446008)(22166006)(192303002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: gq9SwxZoRYJWQA0RNmfNjeVByj36iUvUemtD9SWqfluMs1mtBWqFZZUpIyXVeLOb/liKoMZfQmfcIFLoqbVQc2uhWSD4T7ERZCMvel1friLsPV7jeCxSHX7O1BR//icjGLwn5YxzvpG3XEliPVT/3WFh97H9fOPfRJMUp+8AVShrhj/2b9CY55vZjNStjlR0dTkT/64JyXfuh0cj3YW4I2Ju7jrcQvpGovDeN980Ao5GfZnQA/3p60CMmjBORNZ8Kz+OhxxjhCoNn/pFE6iS9yQ4uBHJp4QEPKmcts6G8ApzVV7AyrSwZcXvp6bxuQno3OP2fJLC+9ZoW/Wu6EUFkCZmlrs4OAyEZ/5iqR+G02ACRPz2RxUVyzpA20exluckXh6mcXmZsZjVvDuJjti4eRVirQ3B1K/BSw+d1FsV3p6oz9yW7YnsdmzWtOqppWjRzQQ96UnFWZyS3d0FUJoj3ZELuqeSTTRxtEzuCVMbQzENZuJr8h0XZLh6EukPu7udqRRv1Q0E0phng4uEpdqMPSeW3DuLspYdCKZh5OM3poclreaowJPHLV7TAdJOnd3AJsb1wjKuIXmYVAdc++lWO58DBgC/inglp2yVkEMQEEcsM0PorGMMMvYLsjrKUCotCf57dgBy/h0AD7bc2WLLCIr+dWj6NIKne7R0trdLD+mEWCpOxEs2kbeYlAeB9fOpySMVBaMm+Iag0VoIvVcpY+12ufAjMk5bamDQxOUHzpl+2dqlkv/d5fIJezAhal433EEiache8pAve58S7zP2nnFKEsvLMRwKN8/Uivsp93BdJj+I1aD+7M2AkGcrD2tJeyx5ODja9OyUtVDgjYsKObooWWIPWB43npF0eXnKcwGij+weqP8GGvyBT6ZDCdItNXtEbvXMnYa05Aw7KM14QBG5mNT0A3iJrBUxeLTnO45/s2BjOh+vuA0LDHDI2DlmJaCn2/RqbHvPAXvWMJvcv2DZarY1DMpSepGDkV2bwNTZgqgF3URKlODpNLmyIuUvYwwUZawM97dtj8WQix3JabjffQP1TLIwNrD+ZM1GbQFRYTs0iRGQKH2CKtC/M8VQL64HpFoLgJ7t2hxiKrOw1vPcGAizdM5JYrrJma/Z6fF8sfwZ87dts1RO0lfg5PtbOxK6mQdNIJAV751GWNsWmHssVfTxkLYq6aKygbleF7ogKwuBRJvx8nalRRXQh0GOJDQKr/7XnObbFF91tG0s8S/qZN05T1WBXSsh8BBdXL1eDouRlsgoEZeN0zDe6kl8mjHQbVOLYJQrRjaD4L7Jq5VAj7V+Mk62WUHganvU3KfBpWgEuYewQFyBIBUEDI0HqJUGtPF7F88iHCDuXG7RX8ZVaPttV2SuuW+9v8WBngGXRKiaD9Aijl3QgqNoKg4i2FDjn/yv7+oPN0l+v3vDy+JNTTBwCBxw/ADMwDMH3Rbtb5fKocMrkXMS8ur9Z1oIUsEUzyAOCyYbCZnhCqtkhiSZE1IesJ4/fqX1ci5/AqNdmWRpWo/GrpSM0Z+fAGlzaRjEOlLkMFOy8+YzHkYcCtpj8zeHr8/jNGlYRAntS/fL3jgWA6Hc2aBpb3hYZCHn4s9nF5ujAoleFKJEvB/k2uGwMGS0lDp5Y5mV96GKN1Q=
Content-Type: multipart/alternative; boundary="_000_HE1PR0701MB3050EC4B8C23D6C3A902967789F79HE1PR0701MB3050_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR0701MB3050.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f9319d60-29fd-4407-5cff-08daeca7da07
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Jan 2023 09:58:08.7330 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: hzrXjs5gyGFyHivQexM56mTXaqT8XQzUvIB9cAXT5DGZmXiYI4ttQxCMsLQGiguDAV6GyxNoma8uEPHVgumxOiz0ZPvYtwEglAT1ZtD2RPk=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU0PR07MB9639
Archived-At: <https://mailarchive.ietf.org/arch/msg/hrpc/Y-FJdZJfwlJru2uC0zvZYHHCudY>
Subject: [hrpc] FW: New Version Notification for draft-mattsson-tls-psk-ke-dont-dont-dont-02.txt
X-BeenThere: hrpc@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: hrpc discussion list <hrpc.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/hrpc>, <mailto:hrpc-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hrpc/>
List-Post: <mailto:hrpc@irtf.org>
List-Help: <mailto:hrpc-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/hrpc>, <mailto:hrpc-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Jan 2023 09:58:17 -0000

Hi,

I would love to get some HRPC feedback on draft-mattsson-tls-psk-ke-dont-dont-dont. If somebody wants to help me driving this as a co-author that would also be very welcome.

I am a very strong believer that key exchange without forward secrecy should be phased out everywhere. That is also Ericsson’s view. After Snowden, IETF certainly did talk the talk, but it does not always walk the walk. IETF is still producing new standards without forward secrecy and identity protection. I think forward secrecy and identity protection should be requirements for any future standards track documents.

As Eric Rescorla wrote in a mail a week ago, nothing that HRPC says is able to bind the IETF at all. I think it would be good if more people from HRPC got actively involved in IETF work.

In addition to the TLS 1.3 draft, I am also co-author of several other drafts with the aim of phasing out key exchange without forward secrecy. IETF needs to be a leading voice here. If IETF is accepting key exchange without forward secrecy and protocols without identity protection, it is very hard to phase out these things in other SDOs like 3GPP.

https://datatracker.ietf.org/doc/draft-mattsson-tls-psk-ke-dont-dont-dont/

https://datatracker.ietf.org/doc/draft-ietf-emu-aka-pfs/

https://datatracker.ietf.org/doc/draft-ietf-ace-edhoc-oscore-profile/

Cheers,
John

From: internet-drafts@ietf.org <internet-drafts@ietf.org>
Date: Friday, 30 December 2022 at 09:47
To: John Mattsson <john.mattsson@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>
Subject: New Version Notification for draft-mattsson-tls-psk-ke-dont-dont-dont-02.txt

A new version of I-D, draft-mattsson-tls-psk-ke-dont-dont-dont-02.txt
has been successfully submitted by John Preuß Mattsson and posted to the
IETF repository.

Name:           draft-mattsson-tls-psk-ke-dont-dont-dont
Revision:       02
Title:          Key Exchange Without Forward Secrecy is NOT RECOMMENDED
Document date:  2022-12-30
Group:          Individual Submission
Pages:          9
URL:            https://www.ietf.org/archive/id/draft-mattsson-tls-psk-ke-dont-dont-dont-02.txt
Status:         https://datatracker.ietf.org/doc/draft-mattsson-tls-psk-ke-dont-dont-dont/
Html:           https://www.ietf.org/archive/id/draft-mattsson-tls-psk-ke-dont-dont-dont-02.html
Htmlized:       https://datatracker.ietf.org/doc/html/draft-mattsson-tls-psk-ke-dont-dont-dont
Diff:           https://author-tools.ietf.org/iddiff?url2=draft-mattsson-tls-psk-ke-dont-dont-dont-02

Abstract:
   Massive pervasive monitoring attacks using key exfiltration and made
   possible by key exchange without forward secrecy has been reported.
   If key exchange without Diffie-Hellman is used, static exfiltration
   of the long-term authentication keys enables passive attackers to
   compromise all past and future connections.  Malicious actors can get
   access to long-term keys in different ways: physical attacks,
   hacking, social engineering attacks, espionage, or by simply
   demanding access to keying material with or without a court order.
   Exfiltration attacks are a major cybersecurity threat.  The use of
   psk_ke is not following zero trust principles and governments have
   already made deadlines for its deprecation.  This document updates
   the IANA PskKeyExchangeMode registry by setting the "Recommended"
   value for psk_ke to "N".




The IETF Secretariat

v2.23.0 | Report a Bug | By Email