IETF Logo Mail Archive

[Model-t] draft-thomson-tmi

Martin Thomson <mt@lowentropy.net> Mon, 13 July 2020 04:33 UTC

Return-Path: <mt@lowentropy.net>
X-Original-To: model-t@ietfa.amsl.com
Delivered-To: model-t@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B61173A0CD2 for <model-t@ietfa.amsl.com>; Sun, 12 Jul 2020 21:33:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.22
X-Spam-Level:
X-Spam-Status: No, score=-0.22 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=TRnCwVWF; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=HazFMxF1
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P25It-P-vZ-M for <model-t@ietfa.amsl.com>; Sun, 12 Jul 2020 21:33:02 -0700 (PDT)
Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com [64.147.123.21]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4E2883A0CD0 for <model-t@iab.org>; Sun, 12 Jul 2020 21:33:02 -0700 (PDT)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.west.internal (Postfix) with ESMTP id 5EB9A453 for <model-t@iab.org>; Mon, 13 Jul 2020 00:33:01 -0400 (EDT)
Received: from imap2 ([10.202.2.52]) by compute2.internal (MEProxy); Mon, 13 Jul 2020 00:33:01 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:date:from:to:subject:content-type; s= fm2; bh=XHov3ZNzZkpUyY4UwxL1PiUfafT+lXCxECDCA5NB/s0=; b=TRnCwVWF tZC9GbzZcLtO8Xee1k8kJz8o29jXZ/hIph3DAtGnDbDAUPv8xvHKSMTxpaShywup cI6efCQV1Vs8uMr4xdUgRUU3qVIY+yce0+9+vRek22N9tFfbbPcbFzjFjWA46PJE oLPmuxo0/2cxBQYKUqIgQV+SLWgKpcdLZ+mmGKzc0rZViD2+iqgovnIWaYzFXrX5 +HSAUZ7BgCjqPzayx49kDA+mIIv5lOwzGClfKy5Z2QSf+wes4l3WKyrXzTIkKIIm KXJ9mMOvwr8YOo8BtHwoG74vGkBiT96zVy9m3w6GUGDJCjzxIyW0x9vGLLxxNOXY PC8eWXAHVkhyXg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:message-id :mime-version:subject:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; bh=XHov3ZNzZkpUyY4UwxL1PiUfafT+l XCxECDCA5NB/s0=; b=HazFMxF1wBg0q14DF3Zx0YG4Yc7ebVHRd5x0+N1xU32jG CHPv1ZcobdaYRtPMBSQfkXkzXRb1bbOVnjKezi0gBEkbshIhTkyQI3ImvB1m+PQR H0wToNeILVAIx0k8dpdUOsn0XYCApCKrNM8lZJhbdCfm9M15X5lfDXb6WM0J6CZ4 hMXBotVhgpvjFM+YhUPiFt9+WT3zJVns+ET7p/clkB2J3Gb1a701dE3yTlC/gtpM uxvNKLWg16sBvPwJU8f0LujukaHzMlB8UczDi+f3g6PmVye/bCy2N2LOqUFxdrmU 8CPeB5N2KEk9FMMoStBh9ByaFaXkQ57VdiLwc78mQ==
X-ME-Sender: <xms:_OMLXzbdzzjNZyLBWW2u5hPF-u24EngOEEyO3XYFKdiFtYqNTLIv2g>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduiedrvdejgdekjecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecuogfuuhhsphgvtghtffhomhgrihhnucdlgeelmdenuc fjughrpefofgggkfffhffvufgtsehttdertderredtnecuhfhrohhmpedfofgrrhhtihhn ucfvhhhomhhsohhnfdcuoehmtheslhhofigvnhhtrhhophihrdhnvghtqeenucggtffrrg htthgvrhhnpeffiefgieffjeejudelteegleegieejudefvdeiudeugfdvfeethfelueff udetieenucffohhmrghinhepihgvthhfrdhorhhgpdhgihhthhhusgdrihhopdhgihhthh husgdrtghomhenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhr ohhmpehmtheslhhofigvnhhtrhhophihrdhnvght
X-ME-Proxy: <xmx:_OMLXybQ_frbHa-aAoBUlr4SNsZEL4v3i2hlcGEVkP6K3YwinkPr0A> <xmx:_OMLX18cfLUL-a574J0iM8phZnXxPiXC4X0fDskFalMJr8TqSMmODA> <xmx:_OMLX5razJUxLoLJwBCYe4ITsxLqdDqMuehED_RvPd80KOk7vsTZmg> <xmx:_eMLX_5UXiuR_loRCH6YaI12b5pBPjyhsc5cR_PWMiOnqjWLmPwFvQ>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id B2552E00CD; Mon, 13 Jul 2020 00:33:00 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.3.0-dev0-613-g8a73ad6-fm-20200709.001-g8a73ad6e
Mime-Version: 1.0
Message-Id: <422978b2-028d-48e1-85ed-ddaa36e36052@www.fastmail.com>
Date: Mon, 13 Jul 2020 14:32:40 +1000
From: Martin Thomson <mt@lowentropy.net>
To: model-t@iab.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/model-t/QIEz3MSnpl1SXNRUPWePoa-DUFU>
Subject: [Model-t] draft-thomson-tmi
X-BeenThere: model-t@iab.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions of changes in Internet deployment patterns and their impact on the Internet threat model <model-t.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/model-t>, <mailto:model-t-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/model-t/>
List-Post: <mailto:model-t@iab.org>
List-Help: <mailto:model-t-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/model-t>, <mailto:model-t-request@iab.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Jul 2020 04:33:04 -0000

There have been a lot of discussions recently about the threat model, but I thought that I would contribute something concrete.

This is an attempt to capture what I believe to be the principles behind some of the more prominent recent protocol design efforts.  In some ways this is a broader take than that in RFC 8558, which was a discussion of transport protocols.  QUIC very much embodies these principles, but I could point to a number of other efforts across the IETF.  The principles I recommend are:

   1.  Prefer designs without intermediaries

   2.  Failing that, control which entities can intermediate the protocol, and

   3.  Limit actions and information that are available to intermediaries

The draft is here: https://datatracker.ietf.org/doc/html/draft-thomson-tmi-00
A live HTML version is here: https://martinthomson.github.io/tmi/draft-thomson-tmi.html
And if you feel motivated to contribute, on GitHub: https://github.com/martinthomson/tmi

This might not be the right venue to discuss something like this, but as this came out of discussions in Singapore, I thought I would share it here.  This is less about the threat model than a specific response to some of the threats we've discussed; to that end, it probably isn't in the charter of this group, but I hope that it informs discussion.

v2.23.0 | Report a Bug | By Email