IETF Logo Mail Archive

Re: [MLS] Use Cases for avoiding Forward Secrecy

Russ Housley <housley@vigilsec.com> Thu, 01 March 2018 15:11 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6623212D77E for <mls@ietfa.amsl.com>; Thu, 1 Mar 2018 07:11:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id og_zBNDrH2WJ for <mls@ietfa.amsl.com>; Thu, 1 Mar 2018 07:11:25 -0800 (PST)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FEA7126DED for <mls@ietf.org>; Thu, 1 Mar 2018 07:11:25 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id 905D830066F for <mls@ietf.org>; Thu, 1 Mar 2018 10:11:23 -0500 (EST)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id F-2tXpQZhn80 for <mls@ietf.org>; Thu, 1 Mar 2018 10:11:22 -0500 (EST)
Received: from [172.22.112.5] (unknown [65.132.39.155]) by mail.smeinc.net (Postfix) with ESMTPSA id A8747300590 for <mls@ietf.org>; Thu, 1 Mar 2018 10:11:22 -0500 (EST)
From: Russ Housley <housley@vigilsec.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_3954E772-B48D-40AF-8931-D655B4BA06A9"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Thu, 01 Mar 2018 10:11:23 -0500
References: <CAKHUCzxOwmPrpUUj6HSRMcxiXtRmT05OapeBQdRA49bSWum6yQ@mail.gmail.com> <CABcZeBPBqNUqhwzjFKdwv3TbW4U23zY-1um8Rz1mf4vFNJX=HA@mail.gmail.com>
To: mls@ietf.org
In-Reply-To: <CABcZeBPBqNUqhwzjFKdwv3TbW4U23zY-1um8Rz1mf4vFNJX=HA@mail.gmail.com>
Message-Id: <4D5030D8-E144-45E9-AB27-1B6E64A3C5F7@vigilsec.com>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/wPRzu--FzXgWBE-pOwKYvYrk_EU>
Subject: Re: [MLS] Use Cases for avoiding Forward Secrecy
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Mar 2018 15:11:26 -0000

> Generally, I think the right answer to these, however, isn't to modify the messaging protocol but rather to add that functionality on the messaging app over the top. That also is a much easier way to do new device history sync

This is similar to the approach used in some email environments.  The email message is decrypted for reading, and then encrypted in a separate archive key for storage.

Russ

v2.23.0 | Report a Bug | By Email