IETF Logo Mail Archive

Re: [Last-Call] Last Call: <draft-knodel-e2ee-definition-07.txt> (Definition of End-to-end Encryption) to Informational RFC

Eric Rescorla <ekr@rtfm.com> Tue, 11 October 2022 02:37 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA5EEC1526E9 for <last-call@ietfa.amsl.com>; Mon, 10 Oct 2022 19:37:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.903
X-Spam-Level:
X-Spam-Status: No, score=-1.903 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20210112.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oUkp67pXvTfk for <last-call@ietfa.amsl.com>; Mon, 10 Oct 2022 19:37:50 -0700 (PDT)
Received: from mail-io1-xd31.google.com (mail-io1-xd31.google.com [IPv6:2607:f8b0:4864:20::d31]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 285A1C1526F8 for <last-call@ietf.org>; Mon, 10 Oct 2022 19:37:50 -0700 (PDT)
Received: by mail-io1-xd31.google.com with SMTP id i65so2994223ioa.0 for <last-call@ietf.org>; Mon, 10 Oct 2022 19:37:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20210112.gappssmtp.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=EFphdFJJ2RYOnszbmG/yq4VZRL3m3vKQGCDtM9QzmBI=; b=TQ6aTRuy1kScXdVatWPWiBgkZGKGOu4XWw+22tbWTVtZuHlv1ca5R3qVfqUODuqdOP lBEyFUXD9X+HbuiyTwcZUVOYnPPRj6fdPsgKZc5XLp/TrXmHDM0IqaX70jAGRUQehEKo invMP30s8iwv0Ze6Wxdx+HIcvWDeqxRhJqerMdimnVPVnR/0LL5rq5GE381223+Jc+cK V4S/k845uP0pK7hxEJFV1UHQhzTLSWFcQY7Iv/m3xRcOqTptJmkl7cqG9x+cAEWWyjO9 VAoKbPuRrkHZiEEO96lLGhG7Ugow3evvGDYcYPGW45CU2mpojez5uv3Tj5NBdnJeh1GK +aBQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=EFphdFJJ2RYOnszbmG/yq4VZRL3m3vKQGCDtM9QzmBI=; b=uaJVrLZ9NNer/5FW82UG6CO1l/lERc57vzyfpF5ygoQ8pLONd+19H50+tLLDWCH8Ev uBOt2o08XqQRWYzoeGIxRzlYUcBH3NfHoBkZxDxIq2q4t/6+482fJ/b3r6GVmK2dJBYD dUWNNAEf6eJT4hd7XlmbDzQQyAQU2x3WRHYBXso5+iCi8a69jVohyjOl78hYcqMo9uzP Sh0+0vcJCkFowiJUKOnccNubTkd2E+hX1J0Gsf8Mea/WziB623RkID90YnNiNz9lVUk6 KKSmS9UnCZZW/0+LsmfjzS1CXY/beOgjjGakRoiawE08thECb6b9iLt35OPAG0yYSYKU /DyQ==
X-Gm-Message-State: ACrzQf0rPpMJdKuDoBDvEAea8JqDGCOEKIl3OXocxFNfZOHN+DurKLJ9 I4h9dZ63sTD72X4k8VniWGcDusqG5saNmz5+DbOklQ==
X-Google-Smtp-Source: AMsMyM5sZHBZ9pc44Xx8ksZGh+LT1+OD07JAsVzcldgRlDdu/83iJHuYiM4DQoORGWzPzqVFyOucKxoun6xs8AGp+bk=
X-Received: by 2002:a05:6638:dc9:b0:35a:6d36:1091 with SMTP id m9-20020a0566380dc900b0035a6d361091mr11831847jaj.148.1665455868935; Mon, 10 Oct 2022 19:37:48 -0700 (PDT)
MIME-Version: 1.0
References: <166543691624.50302.455688238167114999@ietfa.amsl.com> <0fc6247a78604e6a80f82418bd2ce4c9@akamai.com>
In-Reply-To: <0fc6247a78604e6a80f82418bd2ce4c9@akamai.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Mon, 10 Oct 2022 19:37:13 -0700
Message-ID: <CABcZeBM4HK7DMVj3MtNt77URE_O37kYm-BchMZ+x8L9ft4KmEQ@mail.gmail.com>
To: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>
Cc: IETF-Announce <ietf-announce@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "draft-knodel-e2ee-definition@ietf.org" <draft-knodel-e2ee-definition@ietf.org>, "paul.wouters@aiven.io" <paul.wouters@aiven.io>
Content-Type: multipart/alternative; boundary="000000000000751a3805eab92963"
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/aH4e7X3ZwIzLXt_XgE1-6Z4WTnk>
Subject: Re: [Last-Call] Last Call: <draft-knodel-e2ee-definition-07.txt> (Definition of End-to-end Encryption) to Informational RFC
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Oct 2022 02:37:53 -0000

I too am surprised to see this draft being brought forth. As Rich
indicates, there were a number
of critical comments raised in SAAG [0], and the draft has not been updated
to address those comments. I trust that those will be taken into
consideration as part
of the consensus determination without the authors having to re-send them.

I have attached my review (previously sent to SAAG) below.

-Ekr

[0] https://mailarchive.ietf.org/arch/msg/saag/EC9FvWH_PNqBMQBPp5cccqOzcRk/


---------
I too have concerns about this draft as-is. I reviewed a previous
version of this document (-02) and I see that a number of my comments
[0] still apply, but in this message I want to talk about the bigger
picture, specifically what function we expect this document to
serve in the IETF.

The basic mismatch I see in that respect is that the IETF designs
protocols and this document focuses on systems. For instance, consider
three instant messaging systems:

- In System 1, all messages are TLS-encrypted between clients and
  the server but in the clear on the server.

- In System 2, everyone has an app that they use for messaging and data
   is encrypted all the way to the app using MLS.

- System 3, is much like System 1 except that someone has built
  a client which runs on the server and which exposes a Web
  interface.

Based on the text in Section 2.2, I take it that the position that
this document takes is that only System 2 is E2E secure and that
Systems 1 and 3 are not. While I agree that this is true from a
systems level, it's not helpful in IETF, which concerns itself with
designing protocols.

Specifically, there is an important distinction between a protocol
like MLS, which is *compatible* with a fully E2E system and a protocol
like TLS, which is not--at least for messaging--though it might be E2E
in other contexts. And because the IETF's job is to design protocols,
having a definition which tends to elide that distinction doesn't seem
very helpful for our purposes, though it might of course be useful for
other purposes.

I think this document would be a lot more useful if it focused on
protocol functionality and the system architectures it enables; the
result would be something much shorter and more targeted, but would
actually apply to something we could reason about in the IETF context.

-Ekr


[0]
https://mailarchive.ietf.org/arch/msg/secdispatch/BwmdjEnXlAjd8u4DWQgeSOKr6rA/
[1] There are, of course, settings in which TLS is used end-to-end,
    but that's a separate topic.












On Mon, Oct 10, 2022 at 7:01 PM Salz, Rich <rsalz=
40akamai.com@dmarc.ietf.org> wrote:

> I am strongly opposed to this document being published in the IETF stream.
>
>
> In response to Paul bringing the draft up, there were several major
> concerns raised. There was no feedback from the author, let alone no new
> draft that addressed any of the issues.  There is also no explanation why
> Paul brought it up, although there was the implication that it was being
> considered as AD-sponsored. Is that correct? If so, why is it now being
> considered as an inidividual submission?
>
>
> Why isn't this being sent to the ISE?
>
>
> --
> last-call mailing list
> last-call@ietf.org
> https://www.ietf.org/mailman/listinfo/last-call
>

v2.23.0 | Report a Bug | By Email