IETF Logo Mail Archive

Re: [IAB] IAB report to the community for IETF 103

Keith Moore <moore@network-heretics.com> Wed, 21 November 2018 13:05 UTC

Return-Path: <moore@network-heretics.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8FF6F1292AD for <ietf@ietfa.amsl.com>; Wed, 21 Nov 2018 05:05:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S2ubRZP8Xw7p for <ietf@ietfa.amsl.com>; Wed, 21 Nov 2018 05:05:21 -0800 (PST)
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD858128CE4 for <ietf@ietf.org>; Wed, 21 Nov 2018 05:05:20 -0800 (PST)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id C1D1621C1B; Wed, 21 Nov 2018 08:05:19 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162]) by compute6.internal (MEProxy); Wed, 21 Nov 2018 08:05:19 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; bh=8uTkjtMzvBZEFfB4783tG66kcHyGUJHbTIVHjxH+I w8=; b=of+y1TQLvDE9muyBZ+oRaMasTfUm4MwSLIhXXhXdTQPeHEhzY0OmTdcMB rYeNBHQemvidJJmsJs2/e2HxkgazuqQwtO7jXppDr67rPNOJ7U3a7kEkPkxCg5db /tCNgPHV09sM+wdZznw1WabRBz5QiZ++1m/Avqpztfm/xx0BDLTzUYRdlu8kFiHu cddajVv77ZW/SedlgTvKK1C22BWAxOsNYr/WMOnd7wqoY1w3GOUtp7cXLmi6xCnV yv9sBTD3MDprwnbcXFBYLrT+N+gxd3/1hSerxhZ2ToXBjPwhth9PHcn6WD4X+fzy SPZM5bL6XQ3OhkojFqgu3qQoL0ezQ==
X-ME-Sender: <xms:D1j1W0Ojb_VXKyHzVI_oSNYPQjavTHTFQ_nt2EJCB3wc3SNCk3FkkA>
X-ME-Proxy: <xmx:D1j1W8ItHCzExdo5udW65FVfX1Dc4YCZt40VJF8ms7wM_KqHfSUrOA> <xmx:D1j1W33ajW6T3nYMuLhOC9yveQKVicIFHeYAQiBDYMmyIq-prq5luw> <xmx:D1j1W4U6Wlp_LFI3kmW_gvYKdZaokfV5gMCn6KFz8Xn9zKzfuvuPxQ> <xmx:D1j1W1jH_sBa9DfqM50Q1OkdbfYL0NeNOp8XqUaYv9NV8YyiMser_Q> <xmx:D1j1W5tebMreBzUtkNpG8kNtnod4AuGfksB2CGjkdDGq8mlfdiHqcA> <xmx:D1j1W4P_jMGb-pI4J95ZOmXsR4nLX6aT9J2IlgEkECzY0NxdfZCvUQ>
Received: from [192.168.1.66] (108-221-180-15.lightspeed.knvltn.sbcglobal.net [108.221.180.15]) by mail.messagingengine.com (Postfix) with ESMTPA id AEE87E46B7; Wed, 21 Nov 2018 08:05:18 -0500 (EST)
Subject: Re: [IAB] IAB report to the community for IETF 103
To: ietf@ietf.org
References: <CA+9kkMDEP-JKDwcwRMT7QUs-yQi+PsuKo22mFZxB6yKTEqTuSQ@mail.gmail.com> <6.2.5.6.2.20181111093128.0bd80f60@elandnews.com> <CA+9kkMAcJSixn2-S-OwK0tojyJLQZ=mrhr4NT7OM9+ji0vb=GA@mail.gmail.com> <3a90ee88-8801-45b7-5449-da59620c4576@network-heretics.com> <8911.1542633984@localhost> <5157400F-42D3-4F2B-BFE1-94D1E1B656E4@huitema.net> <49390263-2BE7-4EA1-B732-84AA9D873A83@nohats.ca> <396690372.6606044.1542761090230@mail.yahoo.com>
From: Keith Moore <moore@network-heretics.com>
Message-ID: <ac2cb94c-c155-d6fb-a321-f18ccd4f34e1@network-heretics.com>
Date: Wed, 21 Nov 2018 08:05:17 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1
MIME-Version: 1.0
In-Reply-To: <396690372.6606044.1542761090230@mail.yahoo.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/3joP1HJ2sO3kGKzA0GbqcbPJObE>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Nov 2018 13:05:22 -0000

On 11/20/18 7:44 PM, Lloyd Wood wrote:

>>> That belongs in the to be written RFC "ETSI extensions to TLS considered harmful".
>>> Of course, we may debate whether we want to publish such RFC.
>
> Perhaps a more general 'Security protocols designed by any other
> organisations considered harmful' is the way to go.

I doubt that such a direction would enhance our reputation or that of 
our documents.   I'd much rather see us make specific technical 
arguments, e.g.

- If an IETF RFC cites TLS x.y, that citation only applies to TLS x.y as 
published by IETF, not some other *TLS published by some other 
organization.   Just because something else is named *TLS doesn't mean 
it's secure or an acceptable substitute, especially when some of them 
have deliberately been made in such a way as to compromise the users' 
security.

- If one party to a connection discloses the information in the 
connection to a third party, whether by choice or to meet some 
organizational or legal requirement, that's their business and IETF 
isn't questioning that.  But intercepting the traffic at the IP layer is 
not a good way to implement such disclosures for several reasons - e.g. 
it effectively constrains the applications to only work over particular 
network segments, which harms the flexibility of the Internet as a 
general-purpose communications fabric; it discourages transparency and 
accountability that such record-keeping should require; etc.   (It's not 
the record-keeping that's being questioned; it's the very notion that 
packet interception is a suitable way to accomplish that.   Packet 
interception is a poor architectural choice, and yes that includes 
deep-inspecting firewalls and monitors.)

- For similar transparency arguments a communications protocol that is 
designed to effectively appear as TLS to the endpoints and/or its users, 
but which lacks the end-to-end confidentiality properties of TLS, should 
be discouraged by every means available.

- The introduction of TLS variants that are designed to leak private 
information seems likely to introduce yet another destructive tussle, as 
privacy-conscious users try to determine whether their hosts and 
applications are leaking their information, while the spooks try to 
evade such detection.   (Yes I'm aware that some such proposals provide 
explicit information to their endpoints.)

etc.

Keith

v2.23.0 | Report a Bug | By Email