IETF Logo Mail Archive

Re: [IAB] IAB report to the community for IETF 103

Lloyd Wood <lloyd.wood@yahoo.co.uk> Wed, 21 November 2018 00:45 UTC

Return-Path: <lloyd.wood@yahoo.co.uk>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A5FF2130E11 for <ietf@ietfa.amsl.com>; Tue, 20 Nov 2018 16:45:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yahoo.co.uk
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ijxTQG8emuR5 for <ietf@ietfa.amsl.com>; Tue, 20 Nov 2018 16:45:00 -0800 (PST)
Received: from sonic306-21.consmr.mail.ir2.yahoo.com (sonic306-21.consmr.mail.ir2.yahoo.com [77.238.176.207]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 712DF12896A for <ietf@ietf.org>; Tue, 20 Nov 2018 16:45:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.co.uk; s=s2048; t=1542761098; bh=UOpGgUoFqv6fHPqqbFL7Br4LJFdWGcY3d6T6Nt1orGs=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:From:Subject; b=ABQl7RCA+iQLvzSV2F7GD+apcw2qdnxJSXxSYhQWTmqUP3HV2E1o9JtKFGDlufzc1b6uQMqDed97BHsJTPVMrssoEcXM73xP71EKHyn+MnVhXv1RjCqPMvNS9rY70RYeN4WyqYHDDffyPct+x4kugXZH71kv/7p4LpH1cWn8l1wEsi4Bx3dGPr43KB1YAQFPSZMwJrqllCiVdVddwVXoi0/+hMp0pi3ukmZg93RDW5oFgZEQQaT7giBrEMO48Ckh80Ku83BRzV1tWuEs7opD2wSgLuhueJOHN/T/DRj8AEN5hMk7DJcIfVToFhY58V46FWlekRfqzdKWsNdTn4vPwQ==
X-YMail-OSG: d6IxmPUVM1lPBf5SHFbFM74gYufYCf.JvC1HVezsy.eIJ79X0PoMV2_qvK.Wmfi SiUh_gi04T_HrY7Z0Oas9NTGUEDme1na4lCAXkRt0qjqV5wrKkZzmwoz9o5Kl7Px9zIzEKsEBUIc H4q_dAgqha0yeAXsLJXnaFMhJbhzs_4YpF918I4a8p34NDIDQ6r41ZkENiOZM4kjkRWRXUP59cR9 Y4noamU6ibyNuo8H_RbsjNsgCvctfTC15P_vgInz3ly1pg5Hhs2LE8vkx0Nl2VYWUt12c7vyMAF7 Z0WgttkDhIXRcXZoHO1wHIUPCAZ0q9UWdQs4QLQWvatsQYpajja54wWzWr01mDNzSk5YrqESBSEf lnR_I8AjsVfpCPoJjTKyEAAq1FO1wKk5jD4gdvReqX8OI.qPuSWQaU1O6PSbybB3lQEktWVr.LWy CpHR0vMa1pCJ3SVBOsVOr4EhyNnuTIhLBve3HPBwyqKV4efGzgZ8EtkC_nP58IA1tVdjYMK9MDHY X2WX9iX3Uz5IekHrTHm.HOMzVZy.XM.swWyqn3Tb9RthgnuT28BLDQhaFHL21DSWaEpVmLYsrCJY IzHkaTVB8AN25h2QEPZFvEd6kZL1nioSS__dHgNXzdxFGLxiwxpKX9uhocuNbcT63QYRJyKEGtwa hVbV8aWedo3FvyCuSH6p.Nf7gsfVPma9RJyEccA26v51xkTdMAfTX94qEj5tBGYm__p6_19HJerV 4GocLFdY5TBPf7S2BjcTNePHVRr_2MPDiMYU8v9wH1A0OsAQ6EH1Ggo1fr_YdfCUqDY0JbzLx9d7 ooXdu5dqc5AFaPVicaGbl0X.G0QBjbAnAejqRhaxq7wTQIJj8JcYXOx6xuJFbny6Rrm6ucn1l9tb FbySjPDciX1k8GfsbCTGkz5qP5lmVY4SdeU_x.6Uwdx4Fs5DpQwQRsazXWvFCw2l.QtYXPfpN_4D s5HT8aMHTmOWdRzCZuLjo3JJQeA26U_GOMgjgStZDUsHv7996N1NmNntto5zuCeD6WT_.kdCiGB7 nxoU8l.EMKipfYDiw5rYQAsxcsOTwhZJp6g--
Received: from sonic.gate.mail.ne1.yahoo.com by sonic306.consmr.mail.ir2.yahoo.com with HTTP; Wed, 21 Nov 2018 00:44:58 +0000
Date: Wed, 21 Nov 2018 00:44:50 +0000
From: Lloyd Wood <lloyd.wood@yahoo.co.uk>
Reply-To: Lloyd Wood <lloyd.wood@yahoo.co.uk>
To: Paul Wouters <paul@nohats.ca>, Christian Huitema <huitema@huitema.net>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, Keith Moore <moore@network-heretics.com>, "ietf@ietf.org" <ietf@ietf.org>
Message-ID: <396690372.6606044.1542761090230@mail.yahoo.com>
In-Reply-To: <49390263-2BE7-4EA1-B732-84AA9D873A83@nohats.ca>
References: <CA+9kkMDEP-JKDwcwRMT7QUs-yQi+PsuKo22mFZxB6yKTEqTuSQ@mail.gmail.com> <6.2.5.6.2.20181111093128.0bd80f60@elandnews.com> <CA+9kkMAcJSixn2-S-OwK0tojyJLQZ=mrhr4NT7OM9+ji0vb=GA@mail.gmail.com> <3a90ee88-8801-45b7-5449-da59620c4576@network-heretics.com> <8911.1542633984@localhost> <5157400F-42D3-4F2B-BFE1-94D1E1B656E4@huitema.net> <49390263-2BE7-4EA1-B732-84AA9D873A83@nohats.ca>
Subject: Re: [IAB] IAB report to the community for IETF 103
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Mailer: WebService/1.1.12729 YahooMailNeo Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/Fg9_CtLh6mjk31ViAPIdbfNw9Us>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Nov 2018 00:45:04 -0000

>> That belongs in the to be written RFC "ETSI extensions to TLS considered harmful".
>> Of course, we may debate whether we want to publish such RFC.


Perhaps a more general 'Security protocols designed by any other
organisations considered harmful' is the way to go.

L.

and that includes the IRTF.

 
Lloyd Wood lloyd.wood@yahoo.co.uk http://about.me/lloydwood



________________________________
From: Paul Wouters <paul@nohats.ca>
To: Christian Huitema <huitema@huitema.net> 
Cc: Michael Richardson <mcr+ietf@sandelman.ca>; Keith Moore <moore@network-heretics.com>; ietf@ietf.org
Sent: Tuesday, 20 November 2018, 12:59
Subject: Re: [IAB] IAB report to the community for IETF 103





> On Nov 20, 2018, at 00:20, Christian Huitema <huitema@huitema.net> wrote:
> 
> 
> 
>> On Nov 19, 2018, at 5:26 AM, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>> 
>> Can you give me an example of what you mean?
>> (i.e. "Use "TLS MUST NOT in a sentence" :-)
> 
> Of course it can be done: 
> "Clients SHOULD detect repeated use of the same [EC]DH key share by a server, and MAY terminate TLS connections with alert Repeated-key-share detected when detecting this form of server misbehavior."

It will just use prf(secretseed) maybe with a prefix for random(number of rounds). How will you detect those ?


> That belongs in the to be written RFC "ETSI extensions to TLS considered harmful". Of course, we may debate whether we want to publish such RFC.

I would like to see a discussion of this, even if we end up not writing one.

Paul

v2.23.0 | Report a Bug | By Email