IETF Logo Mail Archive

Re: [IAB] IAB report to the community for IETF 103

Michael Richardson <mcr@sandelman.ca> Wed, 21 November 2018 15:30 UTC

Return-Path: <mcr@sandelman.ca>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ACB151277CC for <ietf@ietfa.amsl.com>; Wed, 21 Nov 2018 07:30:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.301
X-Spam-Level:
X-Spam-Status: No, score=-2.301 tagged_above=-999 required=5 tests=[RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m4gQat2i3cfB for <ietf@ietfa.amsl.com>; Wed, 21 Nov 2018 07:30:50 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7FD0C12777C for <ietf@ietf.org>; Wed, 21 Nov 2018 07:30:50 -0800 (PST)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 947FE20089; Wed, 21 Nov 2018 10:30:44 -0500 (EST)
Received: by sandelman.ca (Postfix, from userid 179) id 0A949B90; Wed, 21 Nov 2018 10:30:49 -0500 (EST)
Received: from sandelman.ca (localhost [127.0.0.1]) by sandelman.ca (Postfix) with ESMTP id 089ADB8C; Wed, 21 Nov 2018 10:30:49 -0500 (EST)
From: Michael Richardson <mcr@sandelman.ca>
To: Ted Lemon <mellon@fugue.com>
cc: moore@network-heretics.com, ietf <ietf@ietf.org>
Subject: Re: [IAB] IAB report to the community for IETF 103
In-Reply-To: <CAPt1N1=HEo-CwAg6dkLqjgHrUEWf57pfqb9V3tHUsCKRmonvfA@mail.gmail.com>
References: <CA+9kkMDEP-JKDwcwRMT7QUs-yQi+PsuKo22mFZxB6yKTEqTuSQ@mail.gmail.com> <6.2.5.6.2.20181111093128.0bd80f60@elandnews.com> <CA+9kkMAcJSixn2-S-OwK0tojyJLQZ=mrhr4NT7OM9+ji0vb=GA@mail.gmail.com> <3a90ee88-8801-45b7-5449-da59620c4576@network-heretics.com> <8911.1542633984@localhost> <5157400F-42D3-4F2B-BFE1-94D1E1B656E4@huitema.net> <49390263-2BE7-4EA1-B732-84AA9D873A83@nohats.ca> <396690372.6606044.1542761090230@mail.yahoo.com> <ac2cb94c-c155-d6fb-a321-f18ccd4f34e1@network-heretics.com> <CAPt1N1kc=saPbipLmnMsonzVgWQv5aQ3GDWSYCOZJA-6x+_aUQ@mail.gmail.com> <119FFF2A-598E-4EE5-9E8B-75735A4AA788@network-heretics.com> <CAPt1N1=HEo-CwAg6dkLqjgHrUEWf57pfqb9V3tHUsCKRmonvfA@mail.gmail.com>
X-Mailer: MH-E 8.6; nmh 1.7+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 21 Nov 2018 10:30:49 -0500
Message-ID: <18004.1542814249@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/lDTzAIMGDESjYKTMdRHZ8aRqNsg>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Nov 2018 15:30:53 -0000

Ted Lemon <mellon@fugue.com> wrote:
    > With all due respect, Keith, whatever we may think of it, there are
    > certainly people who think eavesdropping is a valid use case, and it
    > doesn't actually serve our ability to talk about and possibly
    > influence people who are on the fence about it if we pretend
    > otherwise.

Yes, some of them think of themselves as providing an auditing function.
It would be good to know which argument is being used in each case.

    > On Wed, Nov 21, 2018 at 8:56 AM Keith Moore
    > <moore@network-heretics.com> wrote:

    > Facilitating “eavesdropping “ is NEVER a valid use case.


    > Sent from my iPhone

    > On Nov 21, 2018, at 8:47 AM, Ted Lemon <mellon@fugue.com> wrote:




    > I would suggest being more explicit:


    > TLS 1.3 [RFC8446] is intended to address the following use
    > cases [cite use cases that do not include eavesdropping, and
    > do include preventing eavesdropping and providing forward
    > secrecy].


    > It has come to the attention of the IETF that ETSI has
    > published a TLS 1.3 specification which addresses a different
    > set of use cases [cite use cases]. We wish to point out that
    > some of the use cases addressed by RFC8446 are not addressed
    > by ETSI. The ETSI specification should not be used in cases
    > where addressing these use cases is required [give examples].
    > The IETF takes no position on whether the ETSI specification
    > successfully addresses these use cases. However, it definitely
    > does not address the complete set of use cases addressed in
    > RFC 8446.


    > Use of the TLS variant described in this ETSI specification
    > was considered by the IETF and did not gain consensus. As
    > such, use of this variant is not recommended by the IETF.


    > I think publishing this as a very brief RFC would be quite
    > appropriate.





    > On Wed, Nov 21, 2018 at 8:05 AM Keith Moore
    > <moore@network-heretics.com> wrote:

    > On 11/20/18 7:44 PM, Lloyd Wood wrote:

    >>>> That belongs in the to be written RFC "ETSI extensions
    > to TLS considered harmful".
    >>>> Of course, we may debate whether we want to publish
    > such RFC.
    >>
    >> Perhaps a more general 'Security protocols designed by
    > any other
    >> organisations considered harmful' is the way to go.

    > I doubt that such a direction would enhance our reputation
    > or that of
    > our documents. I'd much rather see us make specific
    > technical
    > arguments, e.g.

    > - If an IETF RFC cites TLS x.y, that citation only applies
    > to TLS x.y as
    > published by IETF, not some other *TLS published by some
    > other
    > organization. Just because something else is named *TLS
    > doesn't mean
    > it's secure or an acceptable substitute, especially when
    > some of them
    > have deliberately been made in such a way as to compromise
    > the users'
    > security.

    > - If one party to a connection discloses the information
    > in the
    > connection to a third party, whether by choice or to meet
    > some
    > organizational or legal requirement, that's their business
    > and IETF
    > isn't questioning that. But intercepting the traffic at
    > the IP layer is
    > not a good way to implement such disclosures for several
    > reasons - e.g.
    > it effectively constrains the applications to only work
    > over particular
    > network segments, which harms the flexibility of the
    > Internet as a
    > general-purpose communications fabric; it discourages
    > transparency and
    > accountability that such record-keeping should require;
    > etc. (It's not
    > the record-keeping that's being questioned; it's the very
    > notion that
    > packet interception is a suitable way to accomplish that.
    > Packet
    > interception is a poor architectural choice, and yes that
    > includes
    > deep-inspecting firewalls and monitors.)

    > - For similar transparency arguments a communications
    > protocol that is
    > designed to effectively appear as TLS to the endpoints
    > and/or its users,
    > but which lacks the end-to-end confidentiality properties
    > of TLS, should
    > be discouraged by every means available.

    > - The introduction of TLS variants that are designed to
    > leak private
    > information seems likely to introduce yet another
    > destructive tussle, as
    > privacy-conscious users try to determine whether their
    > hosts and
    > applications are leaking their information, while the
    > spooks try to
    > evade such detection. (Yes I'm aware that some such
    > proposals provide
    > explicit information to their endpoints.)

    > etc.

    > Keith






    > ----------------------------------------------------
    > Alternatives:

    > ----------------------------------------------------

v2.23.0 | Report a Bug | By Email