Re: Secdir last call review of draft-ietf-httpbis-encryption-encoding-08

Robert Sparks <rjsparks@nostrum.com> Thu, 06 April 2017 14:50 UTC



On 4/5/17 5:32 PM, Martin Thomson wrote:
> On 6 April 2017 at 06:47, Robert Sparks <rjsparks@nostrum.com> wrote:
>> My only concern is that the document suggests it would be ok to use a
>> counter to provide a unique salt value
>> for each message. I suspect that provides the kind of information leak
>> the draft discusses avoiding.
> Hi Robert, can you explain what sort of leakage you are concerned
> about?  I mean, I can understand how you could construct the sequence
> of resources that were encrypted using a counter for the salt, but I
> don't know what that might imply.
Things like these:

- A third party that could see that sequence would know if there were gaps.

- If creation or transmission time can be approximated (perhaps via file stats),
   the third party can more quickly assess the rate of creation, and have a strong
   idea of when to look for the next one.

Of course for both of those, the 3rd party would need to somehow know the
content came from the same source, but it's easy to see systems built using this
that would expose that.
>
> That said, I think that the counter thing can be removed.  We require
> 128 bits of salt, which is a space that is large enough to select
> randomly from in perpetuity.
That would be my personal preference.
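
Added example, not part of the original message or of the draft: a sketch of the two inferences listed above (gaps and creation rate) drawn from counter-valued salts, next to the same analysis failing on random 128-bit salts. The function names, the counter-detection threshold and the sample observations are assumptions constructed for illustration.

```python
import os

SALT_LEN = 16             # the 128-bit salt discussed in the thread
COUNTER_SPAN_LIMIT = 2**20  # assumed heuristic: salts this close together look like a counter


def counter_salt(n: int) -> bytes:
    """Salt taken from a per-message counter (the option the review questions)."""
    return n.to_bytes(SALT_LEN, "big")


def random_salt() -> bytes:
    """Salt drawn from the OS CSPRNG (the alternative proposed in the reply)."""
    return os.urandom(SALT_LEN)


def observer_inference(observed):
    """What a third party learns from (timestamp, salt) pairs it believes
    come from one source. Returns None when the salts carry no ordering."""
    if len(observed) < 2:
        return None
    seen = sorted((int.from_bytes(salt, "big"), ts) for ts, salt in observed)
    (lo, t_lo), (hi, t_hi) = seen[0], seen[-1]
    if hi == lo or hi - lo >= COUNTER_SPAN_LIMIT:
        return None  # values spread over the 128-bit space: not a counter
    present = {value for value, _ in seen}
    missing = [v for v in range(lo, hi + 1) if v not in present]  # the gaps
    interval = (t_hi - t_lo) / (hi - lo)  # seconds per message created
    return {
        "missing": missing,
        "seconds_per_message": interval,
        "next_expected_at": t_hi + interval,
    }


# Constructed observations: (approximate creation time in seconds, counter value).
# Messages 103 and 104 were never seen by the observer.
SAMPLE = [(0, 100), (60, 101), (120, 102), (300, 105), (360, 106)]

if __name__ == "__main__":
    with_counter = [(ts, counter_salt(n)) for ts, n in SAMPLE]
    with_random = [(ts, random_salt()) for ts, _ in SAMPLE]
    print("counter salts:", observer_inference(with_counter))
    print("random salts: ", observer_inference(with_random))
```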