Re: Quic: the elephant in the room
Phillip Hallam-Baker <phill@hallambaker.com> Sun, 11 April 2021 21:27 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B60233A1F32 for <ietf@ietfa.amsl.com>; Sun, 11 Apr 2021 14:27:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.399
X-Spam-Level:
X-Spam-Status: No, score=-1.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dlzDMoOoLhaI for <ietf@ietfa.amsl.com>; Sun, 11 Apr 2021 14:27:40 -0700 (PDT)
Received: from mail-yb1-f181.google.com (mail-yb1-f181.google.com [209.85.219.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 135AB3A1F2F for <ietf@ietf.org>; Sun, 11 Apr 2021 14:27:39 -0700 (PDT)
Received: by mail-yb1-f181.google.com with SMTP id l9so12900586ybm.0 for <ietf@ietf.org>; Sun, 11 Apr 2021 14:27:39 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=kKpClf9Byh7wtwJTDv+su2LiRJAQh8IXgdYG8AqYhLs=; b=IHiytZwycKfOVPl4U3ak8mlqQySlPhhW1KtJf1f2ewzYSTkO9xSGuurO4sq/tBNBE1 FtCS4XpFWKcuXM7Ti4qURKCZ/l3YgFlx419kbXaMyf/VMMscVn1L3ik/Dmip6CXg20a8 7d6UqOv1N0LfE+Qys4JiarqfZ7K8jOvlSgttPNvCsocTfq4IMFl5vSNnYv1tZpX8igWs erQ4LcCk6kq/hBO0nPt742HhfUhUU3DlUAa/cPwOhMY8SJRgpzFs2bX8/xcSaC3Y7+3W 64fK2X77URpKnNVV0zbEVBo6tOzEBDaNdg0p88FomkZ0N454w5sjWkGfmiSUA4FKFuVC qkYg==
X-Gm-Message-State: AOAM532ZhPBkbSmkgenxhsaUA3xEcjR2TN/Q59Hatx1TINeN2mmQpd/S Nm2bP3AqZEwhXfz/AwBin2fqukCYqRDPwQXwFXFbFhzJWD9/hg==
X-Google-Smtp-Source: ABdhPJyBGhTAizK+U3qAjVagrqJz4hZbb0YFR96QaFNI2pXzy+nOPKiFbvnyPK8CbUFtOcVorXtIoF7x9zqHWLq0zQw=
X-Received: by 2002:a5b:48c:: with SMTP id n12mr33911350ybp.273.1618176458899; Sun, 11 Apr 2021 14:27:38 -0700 (PDT)
MIME-Version: 1.0
References: <3b25c77d-e721-e86d-6c34-a90039aab0e2@mtcc.com> <CAMm+Lwhi8xwFgZJL7jod2g4urZt_f+dm0tNi+3y1osqOfch2mQ@mail.gmail.com> <3593a01f-73f4-7d03-a85b-dff64a8b070e@mtcc.com> <506A780B-9C0D-4F4A-B045-098F6152F4DB@akamai.com> <14cd802e-2a1b-97d4-c80d-b57f93e8cc21@mtcc.com> <CAMm+Lwj-O3NMJ+zWbfOViUXE1PBPzOZ6E1iPfZ0uWAj+1Q=_-w@mail.gmail.com> <ade4b396-507b-c969-ff32-2b3291fc14fc@mtcc.com> <CAMm+Lwh6ZaR2aQ_j15q9FwdYHojuFxG_GscRQjGXdD_t4z_fqA@mail.gmail.com> <ffd180f0-0359-9a84-9889-de395df3127a@mtcc.com>
In-Reply-To: <ffd180f0-0359-9a84-9889-de395df3127a@mtcc.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Sun, 11 Apr 2021 17:27:28 -0400
Message-ID: <CAMm+LwgnY70pDxVf43Yfi27n-Hf8swhP0zF3K4=ErpgQa7SeuA@mail.gmail.com>
Subject: Re: Quic: the elephant in the room
To: Michael Thomas <mike@mtcc.com>
Cc: "Salz, Rich" <rsalz@akamai.com>, IETF Discussion Mailing List <ietf@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000004424405bfb91157"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/wy2ow0l4tnh1_ozYt5UA6a5_3NA>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 11 Apr 2021 21:27:45 -0000
On Sun, Apr 11, 2021 at 4:13 PM Michael Thomas <mike@mtcc.com> wrote: > On 4/11/21 12:56 PM, Phillip Hallam-Baker wrote: > > On Sun, Apr 11, 2021 at 3:34 PM Michael Thomas <mike@mtcc.com> wrote: > >> e already have a widely adopted example where we ignored the webpki folks >> too: DKIM. >> > That is completely false. I was a member of the DKIM working group and its > predecessors. Two years before the DKIM WG was started, I designed a DNS > based key credentialing scheme together with a major technology vendor. > This was demonstrated to Yahoo by my CEO, Stratton Sclavos before the date > of the Yahoo patent claim. > > Uh, Jim and I didn't use certificates in the design of IIM and neither did > Mark with DK. Since the three of us were the basis of the combined protocol > I am very surprised that you are unaware of the Sender-ID protocol. Surely Jim mentioned it to you. That was joint work with a third party. We agreed not to put our proposal on the table so as to make it easier for work to proceed. Allowing others to take credit is one thing, misrepresenting my position is quite another. There was never a question of using certificates. At the time I was deeply involved trying to get the DNSSEC spec modified so we could deploy it. The Assertion infrastructure in SAML was originally from my Trust Assertion XML Infrastructure from the late 1990s. Together with Barb Fox and Brian LaMacchia at Microsoft and Dave Solo at Citi, I had proposed XKMS which doesn't have anything like a certificate. > I think I have a little bit of insight into our thinking. So yes, we > ignored the webpki guys including you. Thank goodness for that because a > trip down that rat hole would have doomed it. > VRSN wanted a protocol with either raw keys or hashes of keys in the DNS so that we could create a use case for DNSSEC. The history here is that about a year earlier, I had had discussions with > Jon Callas, then CTO of PGP to see if we could persuade the market to move > beyond the S/MIME vs PGP format war. The thing that ultimately prevented > that work getting off the ground was not DKIM itself but the spam crisis > that had prompted it. It was clearly not time to propose a second, > different scheme. Some of the proposals I made in that group were intended > to keep the door open to progress towards an encryption solution. > > We showed Jon our design before we released it as a sanity check. At no > time did he say anything about certificate based approaches. > Again, you assume that VRSN was only interested in certificates. The original IIM design used SRV records to find key servers. It's looking > more and more that it was actually the right design. But Cisco was nobody > with email so it was easier to go with flow of DK. I was the original one > in our group to advocate that and I'm at peace with that. > I agree SRV was the right tool to do the job right, if you want to see the approach I would do instead of DANE: https://tools.ietf.org/id/draft-hallambaker-web-service-discovery-05.html DNS Web Service Discovery (ietf.org) <https://tools.ietf.org/id/draft-hallambaker-web-service-discovery-05.html> Take the following service description: _mmm._tcp.example.com SRV host1.example.com 0 10 80 host1.example.com _mmm._tcp.example.com SRV host2.example.com 0 40 80 host2.example.com _mmm._tcp.example.com TXT "version=1.0-2.0" mmm.example.com CNAME host3.example.com host1.example.com A 10.0.1.1 host2.example.com A 10.0.1.2 _mmm._tcp.host2.example.com TXT "path=/service" host3.example.com A 10.0.1.1 host3.example.com A 10.0.1.2 The text in the spec doesn't have TLS policy but you can see exactly where it would go. I could decorate the _mmm._tcp.example.com record to specify policy for all the hosts or do it on a granular per-host basis on _mmm._ tcp.host2.example.com. Starting with TLSA and then trying to work out how SRV fitted in was an obvious non starter. And I don't know how something that could reduce the message count to the >> original 3 way handshake is somehow the "wrong model". In what way? Is DKIM >> the wrong model too? >> > DKIM is very definitely the wrong model and we knew that when we wrote the > spec. DKIM is simply the best model that was possible within the time frame > and with the vast and ugly legacy of SMTP deployment. It would have been > even uglier if not for SPF giving us some breathing room. > > I have no idea how something that signs billions and billions of messages > a day can be considered the "wrong model" whatever that means. > DKIM was designed for SMTP and SMTP alone. It is not a model that can be generalized to other protocols and we knew that at the time. It is certainly not a pattern I would want people to repeat as a paragon. IIM was a better approach if you wanted to go for policy. The web-service-discovery draft above is basically taking ideas from IIM and Stuart Cheshire's DNS Service Discovery work. Given where we are now with all SMTP using STARTTLS, I would probably look > to implement TLS client auth instead which would allow fast restart to > amortize the public key operations. But thats not where we were then. > > TLS doesn't do anything to help the end-to-end authentication. > DKIM provides 'middle to end' authentication, not end to end. Since it is (usually) checked only in the middle, middle to middle might have been as good a choice. The reason I think it might have been the right approach is that we wouldn't have needed to sit through the endless discussions of envelope vs sender From, the vagaries of sending mail etc. But at the time it was the wrong approach because much as I would have wanted to use spam to drive STARTTLS deployment, that approach almost never works.
- Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Phillip Hallam-Baker
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Ben Laurie
- Re: Quic: the elephant in the room Stephane Bortzmeyer
- Re: Quic: the elephant in the room Ben Laurie
- Re: Quic: the elephant in the room Phillip Hallam-Baker
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Nico Williams
- Re: Quic: the elephant in the room Viktor Dukhovni
- Re: Quic: the elephant in the room Michael Thomas
- Re: DNS vs PKI, was Quic: the elephant in the room John Levine
- Re: DNS vs PKI, was Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Nico Williams
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Nico Williams
- Re: Quic: the elephant in the room Viktor Dukhovni
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Phillip Hallam-Baker
- Re: Quic: the elephant in the room Viktor Dukhovni
- Re: Quic: the elephant in the room Phillip Hallam-Baker
- Re: Quic: the elephant in the room Ben Laurie
- Re: Quic: the elephant in the room Ben Laurie
- Re: Quic: the elephant in the room Ben Laurie
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Viktor Dukhovni
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Nico Williams
- Re: Quic: the elephant in the room Nico Williams
- Re: Quic: the elephant in the room Salz, Rich
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Phillip Hallam-Baker
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Phillip Hallam-Baker
- Re: Quic: the elephant in the room Nico Williams
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Phillip Hallam-Baker
- Re: Quic: the elephant in the room Salz, Rich
- Re: Quic: the elephant in the room Ben Laurie
- Re: Quic: the elephant in the room Ben Laurie
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Viktor Dukhovni
- Re: Quic: the elephant in the room Ben Laurie
- Re: Quic: the elephant in the room Phillip Hallam-Baker
- Re: Quic: the elephant in the room David Conrad
- Re: Quic: the elephant in the room David Conrad
- Re: Quic: the elephant in the room Viktor Dukhovni
- DNSSEC architecture vs reality (was: Re: Quic: th… Keith Moore
- Re: DNSSEC architecture vs reality (was: Re: Quic… Michael Thomas
- Re: Quic: the elephant in the room Nico Williams
- Re: Quic: the elephant in the room Salz, Rich
- Re: Quic: the elephant in the room Nico Williams
- Re: Quic: the elephant in the room Viktor Dukhovni
- Re: Quic: the elephant in the room Phillip Hallam-Baker
- Re: DNSSEC architecture vs reality (was: Re: Quic… Viktor Dukhovni
- Re: Quic: the elephant in the room Andrew McConachie
- Re: DNSSEC architecture vs reality Keith Moore
- Re: DNSSEC architecture vs reality Petite Abeille
- Re: Quic: the elephant in the room Salz, Rich
- Re: Quic: the elephant in the room Salz, Rich
- Re: Quic: the elephant in the room Phillip Hallam-Baker
- Re: DNSSEC architecture vs reality Marco Davids
- Re: Quic: the elephant in the room Phillip Hallam-Baker
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Phillip Hallam-Baker
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Salz, Rich
- Re: Quic: the elephant in the room Phillip Hallam-Baker
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Nico Williams
- Re: Quic: the elephant in the room Viktor Dukhovni
- Re: Quic: the elephant in the room Nico Williams
- Re: Quic: the elephant in the room Viktor Dukhovni
- Re: Quic: the elephant in the room Phillip Hallam-Baker
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Nico Williams
- Re: Quic: the elephant in the room Nico Williams
- Re: Quic: the elephant in the room Viktor Dukhovni
- Re: Quic: the elephant in the room Michael Thomas
- Re: Quic: the elephant in the room Salz, Rich
- Re: Quic: the elephant in the room Viktor Dukhovni
- Re: Quic: the elephant in the room Phillip Hallam-Baker
- Re: Quic: the elephant in the room Nico Williams
- Re: Quic: the elephant in the room Salz, Rich
- Re: Quic: the elephant in the room Viktor Dukhovni
- Re: Quic: the elephant in the room Salz, Rich
- Re: DNSSEC architecture vs reality Michael Thomas
- Re: DNSSEC architecture vs reality Nico Williams
- Re: DNSSEC architecture vs reality Michael Thomas
- Re: DNSSEC architecture vs reality Nico Williams
- Re: DNSSEC architecture vs reality Michael Thomas
- Re: DNSSEC architecture vs reality Nico Williams
- Re: DNSSEC architecture vs reality Michael Thomas
- Re: DNSSEC architecture vs reality John C Klensin
- Re: DNSSEC architecture vs reality Keith Moore
- Re: DNSSEC architecture vs reality Michael Thomas
- Re: DNSSEC architecture vs reality Michael Thomas
- Re: DNSSEC architecture vs reality Keith Moore
- Re: DNSSEC architecture vs reality Nico Williams
- Re: DNSSEC architecture vs reality Michael Thomas
- Re: DNSSEC architecture vs reality John C Klensin
- Re: DNSSEC architecture vs reality Keith Moore
- Re: DNSSEC architecture vs reality Michael Thomas
- Re: DNSSEC architecture vs reality Nico Williams
- Re: new RRTYPEs, was DNSSEC architecture vs reali… John Levine
- Re: new RRTYPEs, was DNSSEC architecture vs reali… Mark Andrews
- Re: DNSSEC architecture vs reality Petite Abeille
- Re: DNSSEC architecture vs reality Petite Abeille
- Re: DNSSEC architecture vs reality Andrew McConachie
- Re: DNSSEC architecture vs reality Patrik Fältström
- Re: DNSSEC architecture vs reality Eliot Lear
- Re: DNSSEC architecture vs reality Patrik Fältström
- Re: DNSSEC architecture vs reality Patrik Fältström
- Re: new RRTYPEs, was DNSSEC architecture vs reali… John R Levine
- Re: DNSSEC architecture vs reality Nico Williams
- Re: DNSSEC architecture vs reality Nico Williams
- Re: DNSSEC architecture vs reality Jim Fenton
- Re: DNSSEC architecture vs reality Masataka Ohta
- Re: DNSSEC architecture vs reality Petite Abeille
- Re: new RRTYPEs, was DNSSEC architecture vs reali… Phillip Hallam-Baker
- Re: new RRTYPEs, was DNSSEC architecture vs reali… Nico Williams
- Re: new RRTYPEs, was DNSSEC architecture vs reali… Donald Eastlake
- Re: new RRTYPEs, was DNSSEC architecture vs reali… Phillip Hallam-Baker
- Re: new RRTYPEs, was DNSSEC architecture vs reali… Viktor Dukhovni
- Re: new RRTYPEs, was DNSSEC architecture vs reali… Phillip Hallam-Baker
- Re: new RRTYPEs, was DNSSEC architecture vs reali… Vittorio Bertola
- Re: new RRTYPEs, was DNSSEC architecture vs reali… Phillip Hallam-Baker
- Re: Fwd: Quic: the Elephant in the Room Michael Thomas
- Fwd: Quic: the Elephant in the Room Lars Eggert
- RE: Fwd: Quic: the Elephant in the Room Vasilenko Eduard
- Re: Quic: the elephant in the room Ben Laurie
- Re: Quic: the elephant in the room Phillip Hallam-Baker