IETF Logo Mail Archive

Re: Comments on Explicit/Trusted Proxy

Peter Lepeska <bizzbyster@gmail.com> Thu, 02 May 2013 01:57 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE8D221F9A2F for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 1 May 2013 18:57:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.203
X-Spam-Level:
X-Spam-Status: No, score=-9.203 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZZ6F5Y9znueh for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 1 May 2013 18:57:36 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 2A2D621F9A25 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 1 May 2013 18:57:35 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1UXike-0006Tc-0d for ietf-http-wg-dist@listhub.w3.org; Thu, 02 May 2013 01:56:04 +0000
Resent-Date: Thu, 02 May 2013 01:56:04 +0000
Resent-Message-Id: <E1UXike-0006Tc-0d@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <bizzbyster@gmail.com>) id 1UXikU-0006SB-Eg for ietf-http-wg@listhub.w3.org; Thu, 02 May 2013 01:55:54 +0000
Received: from mail-qe0-f49.google.com ([209.85.128.49]) by lisa.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <bizzbyster@gmail.com>) id 1UXikT-0003Z9-H6 for ietf-http-wg@w3.org; Thu, 02 May 2013 01:55:54 +0000
Received: by mail-qe0-f49.google.com with SMTP id 7so70899qeb.22 for <ietf-http-wg@w3.org>; Wed, 01 May 2013 18:55:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:content-type:mime-version:subject:from:in-reply-to:date :cc:content-transfer-encoding:message-id:references:to:x-mailer; bh=62SgpymjkotqzpHMlpjcc275GqyXtpieCeyf7wEhf+E=; b=Cs1erXfa5muyDf+mmA4gTbMdHqypKlMl85n/CeXueB9J7Kj67vUWusZjoS+n+fu3X1 YMuTR7JtKCvEFbWhNDU/eu9LACeij5r3kt2h14WDMMOWlrz6LGiUbrheMGJTqG5rneJD JC+lxxeMewjbKX8SkLsKFJl6TFCJK5Qp25Ox4v7FHaCTDuen2tJAWaK/vwurwVSGTuFH J1RsJ4jsLmsS1KXFE4bQUl5QJ5kAln9Cqimw/AzwfEgHMgtjJLoRkB+ouCWwXADj4Y6k TMCC5VTuDMPapr7uYdz2aTBL4mGN+8zmlp2yq1celfYWSin3mMl2LKPljtoAgmILsUuS evRA==
X-Received: by 10.224.128.9 with SMTP id i9mr5942597qas.81.1367459727838; Wed, 01 May 2013 18:55:27 -0700 (PDT)
Received: from [192.168.1.2] (c-98-217-194-99.hsd1.ma.comcast.net. [98.217.194.99]) by mx.google.com with ESMTPSA id hd1sm7920268qeb.1.2013.05.01.18.55.25 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 01 May 2013 18:55:26 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\))
From: Peter Lepeska <bizzbyster@gmail.com>
In-Reply-To: <D6607F77-16B6-4434-82A5-2862615F673C@checkpoint.com>
Date: Wed, 01 May 2013 21:55:24 -0400
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <0A3A9428-0064-4A2D-A726-19257C8BA8B7@gmail.com>
References: <14A09626-8397-4656-A042-FEFDDD017C9F@mnot.net> <CANmPAYH60+wmeYQAikUd4ps3HdPQSm80TeZbMW37LioBYVj-7A@mail.gmail.com> <CAA4WUYjOPgCse6giEmy3f_MzRTC3K25oAWeAavHnzywc5pL91w@mail.gmail.com> <CANmPAYGr8QDhmLR50UzWYWK_fNYzGbF_P9EN0dOadmL-wQy61g@mail.gmail.com> <CAA4WUYjDoRFwPJNWzRqQHdBbV+DjF0mv8OO4RWTBSmh6=Dcnxw@mail.gmail.com> <CANmPAYEirEfpM6kEuxaM3OF7hsjWu8_Lr0aWfQ+btkEGOH3Vsw@mail.gmail.com> <CAA4WUYjGaZRVm3NtmT5qO3j7QKNZZiX7zBEV-pDhK0VGGSxuUg@mail.gmail.com> <896F1026-30C6-4397-B265-67285BFA9DDA@gmail.com> <517A5A3D.8030600@cs.tcd.ie> <19554DFB-5B05-495A-B006-EE55A32F3C44@gmail.com> <D6607F77-16B6-4434-82A5-2862615F673C@checkpoint.com>
To: Yoav Nir <ynir@checkpoint.com>
X-Mailer: Apple Mail (2.1503)
Received-SPF: pass client-ip=209.85.128.49; envelope-from=bizzbyster@gmail.com; helo=mail-qe0-f49.google.com
X-W3C-Hub-Spam-Status: No, score=-3.5
X-W3C-Hub-Spam-Report: AWL=-2.711, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001
X-W3C-Scan-Sig: lisa.w3.org 1UXikT-0003Z9-H6 1e75112c5f81d0b7d50710d9dcfb7911
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Comments on Explicit/Trusted Proxy
Archived-At: <http://www.w3.org/mid/0A3A9428-0064-4A2D-A726-19257C8BA8B7@gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/17774
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

I like the mcgrew proposal best as well. I like the way that it removes the "transitive trust" problem without having a tunnel within a tunnel and the passing of encryption keys over the air, which is the approach used in Roberto's draft as I understand it.

SPDY is increasing the adoption of SSL, which is rendering traditional caches less and less useful. At minimum it would be great to have agreement on what the protocol to support a trusted proxy would look like.

Even better would be if Chrome or another browser led the way and implemented it.

Peter

On Apr 27, 2013, at 4:09 PM, Yoav Nir <ynir@checkpoint.com> wrote:

> Here's one (I'm a co-author)
> 
> http://tools.ietf.org/html/draft-mcgrew-tls-proxy-server
> 
> One reason this was rejected is that MitM proxies are used for corporate firewalls and national firewalls, so the use case seems to be "Alice wants to post to Twitter trashing president Assad. Mallory who works for the secret police would like to catch her, so he installs a proxy."  The feedback said that if whoever wants the inspection (call them Mallory for now) can configure trust on Alice's client, they might as well install spyware instead. Another idea that was floated was to have the client send the keys to the trusted proxy. That way, the client could send just the encryption key (but not the hash key) so the proxy would be able to decrypt, but not forge. I didn't like that, but I did try to write a draft describing it:
> 
> http://tools.ietf.org/html/draft-nir-tls-keyshare
> 
> I still think this solution is unwieldy.
> 
> Anyway, the TLS WG can re-consider things. NPN was suggested several times. If there is a use case that is not "Mallory wants to see what Alice is telling Bob", a request from this WG would go a long way, regardless of which mechanism is preferred for enabling a trusted proxy.
> 
> Yoav
> 
> On Apr 26, 2013, at 3:45 PM, Peter Lepeska <bizzbyster@gmail.com> wrote:
> 
>> Hi Stephen. 
>> 
>> I was responding to Roberto's draft, which was submitted to this list. But my suggestion crosses over into TLS changes so I'll read up on the 5 previous discussions and post to the TLS group if appropriate.
>> 
>> Thanks,
>> 
>> Peter
>> 
>> 
>> On Apr 26, 2013, at 6:43 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
>> 
>>> 
>>> Hi Peter,
>>> 
>>> If you want to modify TLS, then that's work that would
>>> need to be done in the TLS working group and not here.
>>> Note that this'd be about the 5th time someone has asked
>>> if we want to standardise how to do a MITM attack on TLS,
>>> which is a protocol designed specifically to deter MITM
>>> attacks, and the answer has always been an emphatic no.
>>> I cannot see that changing. As a current security AD I
>>> know I'd have a huge problem with standardising that
>>> attack as I believe would my co-AD who's responsible
>>> for the TLS WG.
>>> 
>>> If you want to propose changes to the semantics of HTTP,
>>> and supporting MITM proxies would be one such IMO, then
>>> I guess take that up with Mark. Or not, since I don't
>>> believe this WG is chartered to develop new semantics
>>> for HTTP at present.
>>> 
>>> Regard,
>>> Stephen.
>>> 
>>> On 04/25/2013 09:38 PM, Peter Lepeska wrote:
>>>> Some comments on Roberto's doc:
>>>> 
>>>> In the case where the user-agent has been configured with Chris as a
>>>> trusted-proxy, either Anne's connect-stream MUST use either a null-
>>>> cipher, or Anne MUST provide the decryption key material to Chris
>>>> immediately after tunnel establishment, and before any data traverses
>>>> the tunnel.
>>>> 
>>>> This seems like a showstopper to me. Even if we can get past the problems associated with a trusted proxy in general, I can't see getting acceptance of any approach that involves sending a session key from one machine to another. But why not just use two full SSL sessions like the typical MITM proxy (http://crypto.stanford.edu/ssl-mitm/ or http://mitmproxy.org) approach? But instead of forging certificates like they do, just give the trusted proxy its own certificate and then display both the trusted proxy certificate and the content server certificate in the browser when the user wants info about the two point-to-point SSL sessions.
>>>> 
>>>> "For the purpose of this document, it is assumed that the user locates
>>>> a piece of paper upon a wall and reads it, typing these proxy
>>>> settings into a configuration field for their user-agent.  This is
>>>> obviously not the only possible configuration mechanism, but it may,
>>>> sadly, be the most secure.  It is assumed that alternate distribution
>>>> techniques may be discussed.
>>>> "
>>>> 
>>>> While explicit proxy configuration may be the most secure, it is very difficult to manage for mobile devices especially, as others have mentioned on this list. Transparent interception is the more widely adopted approach -- not because of security but because of stability and manageability. 
>>>> 
>>>> What about "transparent" proxies that advertise themselves? Is it possible to use NPN (https://technotes.googlecode.com/git/nextprotoneg.html) to advertise the presence of an intercepting proxy for 443 traffic? Then the user can be notified that a proxy wants to be trusted for X reasons and the user would then make the opt in or opt out decision. Then, similar to SPDY, the presence of the trusted proxy in the end-to-end path could be signaled to the end user via icons in the browser.
>>>> 
>>>> MITM is used today with no user knowledge. At least in this approach, a user has the ability to opt in or out and to also be aware of the presence of the intermediate proxy.
>>>> 
>>>> Thoughts?
>>>> 
>>>> Peter
>>>> 
>>>> 
>>>> On Apr 24, 2013, at 12:49 PM, William Chan (陈智昌) <willchan@chromium.org> wrote:
>>>> 
>>>>> Yep, but no, it hasn't gone anywhere.
>>>>> 
>>>>> 
>>>>> On Wed, Apr 24, 2013 at 7:44 AM, Peter Lepeska <bizzbyster@gmail.com> wrote:
>>>>> Hi William,
>>>>> 
>>>>> Is this draft by Roberto Peon the one you were referring to?
>>>>> 
>>>>> http://tools.ietf.org/html/draft-rpeon-httpbis-exproxy-00
>>>>> 
>>>>> Has this gone anywhere?
>>>>> 
>>>>> I'm looking to design and build a "trusted proxy" that aligns with the browser development roadmap/vision in order to provide web acceleration functionality and so would like to get involved in this process if still active.
>>>>> 
>>>>> Thanks,
>>>>> 
>>>>> Peter
>>>>> 
>>>>> 
>>>>> On Mon, Apr 30, 2012 at 5:57 PM, William Chan (陈智昌) <willchan@chromium.org> wrote:
>>>>> On the contrary, I think it's great to have multiple proposals. If you have your own vision for how this should work, please send it out! :) My statement was simply an FYI, not a "back off, we've got this!"
>>>>> 
>>>>> On Mon, Apr 30, 2012 at 2:45 PM, Peter Lepeska <bizzbyster@gmail.com> wrote:
>>>>> Perfect then I'll sit tight.
>>>>> 
>>>>> Thanks,
>>>>> 
>>>>> Peter
>>>>> 
>>>>> 
>>>>> On Mon, Apr 30, 2012 at 5:43 PM, William Chan (陈智昌) <willchan@chromium.org> wrote:
>>>>> FYI, we (google spdy team) have been discussing a "trusted proxy" internally and I think Roberto's got a draft in the works.
>>>>> 
>>>>> 
>>>>> On Mon, Apr 30, 2012 at 2:22 PM, Peter Lepeska <bizzbyster@gmail.com> wrote:
>>>>> Hi Mark,
>>>>> 
>>>>> Earlier this group discussed the idea of a "trusted proxy". Does that fall under the HTTP/2.0 category?
>>>>> 
>>>>> I may have some cycles for this.
>>>>> 
>>>>> Thanks,
>>>>> 
>>>>> Peter
>>>>> 
>>>>> 
>>>>> On Fri, Apr 27, 2012 at 1:28 AM, Mark Nottingham <mnot@mnot.net> wrote:
>>>>> Just a reminder that we're still accepting proposals for:
>>>>> 
>>>>> 1. HTTP/2.0
>>>>> 2. New HTTP authentication schemes
>>>>> 
>>>>> As per our charter <http://datatracker.ietf.org/wg/httpbis/charter/>.
>>>>> 
>>>>> So far, we've received the following proposals applicable to HTTP/2.0:
>>>>> <http://trac.tools.ietf.org/wg/httpbis/trac/wiki/Http2Proposals>
>>>>> 
>>>>> But none yet for authentication schemes:
>>>>> <http://trac.tools.ietf.org/wg/httpbis/trac/wiki/HttpAuthProposals>
>>>>> 
>>>>> As communicated in Paris, the deadline for proposals is 15 June, 2012. It's fine if your proposal isn't complete, but we do need to have a  good sense of it by then, for discussion.
>>>>> 
>>>>> Regards,
>>>>> 
>>>>> --
>>>>> Mark Nottingham   http://www.mnot.net/
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>> 
>>>> 
>> 
>> 
>> 
>> Email secured by Check Point
>

v2.23.0 | Report a Bug | By Email