[Ohttp] A few responses
Martin Thomson <mt@lowentropy.net> Tue, 15 June 2021 02:03 UTC
Return-Path: <mt@lowentropy.net>
X-Original-To: ohttp@ietfa.amsl.com
Delivered-To: ohttp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C08EB3A19DD for <ohttp@ietfa.amsl.com>; Mon, 14 Jun 2021 19:03:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=EUY4N5gW; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=OkRWLEUy
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mngwfciAtBzz for <ohttp@ietfa.amsl.com>; Mon, 14 Jun 2021 19:02:55 -0700 (PDT)
Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6F1983A19DC for <ohttp@ietf.org>; Mon, 14 Jun 2021 19:02:55 -0700 (PDT)
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 547F65C01A3 for <ohttp@ietf.org>; Mon, 14 Jun 2021 22:02:52 -0400 (EDT)
Received: from imap10 ([10.202.2.60]) by compute4.internal (MEProxy); Mon, 14 Jun 2021 22:02:52 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:date:from:to:subject:content-type; s= fm2; bh=GBssSJ59hZ77hIh+8dAaLIJPpHYRjenvkwHymh6130M=; b=EUY4N5gW w6ctDh/J8krQj+BKWdhRK0t1LGUYioJkX0WvjBMeMoj8alnWHN1eEq9XMkJOG3TP ci59Xagpe0DMNnj8s8+mDDP5vZMq0EmY9oOTgZK7a2Fz4QyXEcy0deY9IeGLxj6E PljEKt5ISAE3QQ3R2k9JbOs51u/sid39uweI47N2uMoH6+b6NC7p9KLxIK9rOWrF qb1E1hE+WCaxGt03z2zLb+JVn72XeNvA5OgU/8ZdNX5bfY0ub8o70eoK8n4ReuMW 3iQQSpbcuwcm9mBeOTaeDB8E9K1MKj/Sf8gJqKAeqNMdukk1so5Cb643/R2keBaS Vgpm7m/GAoCGig==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:message-id :mime-version:subject:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; bh=GBssSJ59hZ77hIh+8dAaLIJPpHYRj envkwHymh6130M=; b=OkRWLEUyR7N03gN/syODFEg6fprh6S+evRIDfUFHDI+/A 1YYBoS0+Fnl4/wFxK32XKWWyiLg4g/dUzMuyv51ZJZvWF0IP4zSy0wgslgUyh7PK hRzJpUcKShvqcPjHTPXMfwwkuahKkBNOKZU6/BBR5jH8ykpkkJOn97YXlLsD1Iie goRsnotyowvv5dkzDCsMYukiqSuWSCIUoLisvgNkS/vNmiXYZbDi2wp7S5uNk6DP iQFwHYoKmeJ6dkJR66/JqD6hOh1EGnCoGldpT53xf4GDeaStEeiISSbANhi5gfLW bZH4XTt1ON74+C2r0/K/qKUQ8mIsgAqnPYF9Dej9g==
X-ME-Sender: <xms:SwrIYMIpNLcUoVwaZJbL5miohDP21mUIY1V6T_rjdcA4U8PqhaSEpg> <xme:SwrIYMIviOH6dX-4z1WFD9PKfyq-YVPIvHrcujQPUC1gbDZydr1rsTbgbOxstlLs6 U6gsAke90ZlZ0lhZ0I>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrfedviedgheegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfffhffvufgtsehttdertd erredtnecuhfhrohhmpedfofgrrhhtihhnucfvhhhomhhsohhnfdcuoehmtheslhhofigv nhhtrhhophihrdhnvghtqeenucggtffrrghtthgvrhhnpeevgfdutdfgjeefudeuheekhe ekudeugeehfeegveekkeegleevveffueduffehheenucevlhhushhtvghrufhiiigvpedt necurfgrrhgrmhepmhgrihhlfhhrohhmpehmtheslhhofigvnhhtrhhophihrdhnvght
X-ME-Proxy: <xmx:SwrIYMv5HJwXR0uLI9utFajupS7veX1hsS67XN_SkveGijkNNC1QSg> <xmx:SwrIYJYpyhbhvwLDJlHEHo-4BP2G3Mzjai3sJ35WLFAfZDWSLsDjVg> <xmx:SwrIYDY9_PtTWlgSWP3BRktgl_pJQEUEx7_VO8StThfSs_bBlxOQ1A> <xmx:TArIYMlKAxdw5JeDNY1ufd5F7IaOMzLtKxF50QJgUGOyrH_Udi3oOg>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id D81A64E0090; Mon, 14 Jun 2021 22:02:51 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.5.0-alpha0-519-g27a961944e-fm-20210531.001-g27a96194
Mime-Version: 1.0
Message-Id: <4f21995e-1fa3-4813-bfb4-42d117fe7f2e@www.fastmail.com>
Date: Tue, 15 Jun 2021 12:02:31 +1000
From: Martin Thomson <mt@lowentropy.net>
To: ohttp@ietf.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/ohttp/HH2Eu3gN_sUwtZKSWItWPyT2_RQ>
Subject: [Ohttp] A few responses
X-BeenThere: ohttp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Oblivious HTTP <ohttp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ohttp>, <mailto:ohttp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ohttp/>
List-Post: <mailto:ohttp@ietf.org>
List-Help: <mailto:ohttp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ohttp>, <mailto:ohttp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jun 2021 02:03:01 -0000
For some reason, I missed the creation of this list, so I can't reply directly. I do think it worthwhile to respond to a few comments. Eliot asks: > 2. Is the use of this work likely to help miscreants more than those in need of privacy? No more so than building any other sort of infrastructure helps other miscreants. I don't ordinarily engage with this sort of comment. Better tools exist for miscreants. I do want to point to one thing here that is inherent in the design. The two main resources that are involved in the exchange - the one at the proxy and the one that does decryption - all have a fixed relationship to each other. This is deliberate because it avoids having any sort of open encrypted relay. That doesn't mean that those resources couldn't use URI parameters, but it does mean that without knowledge of the deployment, you won't naturally get the sort of flexibility that might be exploited in the same way that DNS[1] has been. Michael says: > You have two proxies here. > I didn't think that the oblivious HTTP mandated two. There are logically two intermediaries here: one to forward encrypted messages, one to unwrap and wrap plaintext messages. So yes, two proxies. Deployments we are considering will likely collapse the decryption piece with the thing that serves the response. That keeps the crypto on endpoints with just a single intermediary. That is, the following are equivalent in that deployment model. client -> add encryption -> proxy -> remove encryption -> server === client (adds encryption) -> proxy -> server (removes encryption) Noting that the end-to-end argument supports the view that encryption is an endpoint responsibility, the protocol distinguishes between the two functions at the server because we want to protect the complete request. That includes the URI. The thing that removes the encryption on the server side can - at least in theory - send the unprotected request somewhere else. Vittorio asks: > If the same entity controls the proxy and the target, what's the actual gain in privacy? I don't think that anyone is considering these two resources being operated by the same entity. There is definitely value in having independent operation of these services. Though I want to caveat that. End-to-end encryption is not considered as theatre, but when you get right down to it, at least in most systems I've seen, the same entity controls the software on endpoints and the servers. There is value to the operational and organizational controls that are used to ensure that cleartext data doesn't cross into places it should not be. That's a digression, but I'm happy to talk (maybe in a more appropriate forum) about the ways in which an organization's internal procedures are more relevant to security than some perceived independence. Vittorio also speculates: > ... we end up with very few global providers managing the proxy layer ... I think that sort of speculation falls firmly in the FUD category. Yes, it is fair to consider the implications of what we build, but even those of us building this don't have enough information about how this might turn out. If you want to lay out a more detailed argument where you more carefully identify your assumptions, that might be a valuable contribution. Broadly speaking, the sort of work we do here has the sorts of risks you identify. These are the constant responsibility of all of us. However, when speaking of generalities, those are the subject of the mission of the organization, not the charter of individual groups. Insisting that we consider the complete suite of possible apocalyptic scenarios only leads to nothing happening. I'm not opposed to saying good things about important issues. If you have specific text changes to provide, that would be helpful. > there are sources that need to be recognized (e.g. bots) and destinations to be blocked permanently (e.g. illegal content) or depending on who the user is (e.g. parental controls) You might need to say more about who you believe is acting in each of these cases. I get the bot example, but that can be accommodated by not using ohttp if necessary. Or by using something other than IP (which might be better anyway). Why would someone deploy a protocol that prevents them from accessing information they believe to be critical? Lars says: > IP address The friendly amendments there are good. I was using the QUIC understand of "address", which includes the source IP and port. The port could be important here for a range of reasons, but I don't see any need to encode that in charter text. [1] Using DNS here deliberately. Not DoH/DoT. The encrypted versions tend to attract the heat for this, but it is the DNS protocol that enabled it, encryption only hid it. ODNS showed us how to hide it without DoH/DoT.
- [Ohttp] A few responses Martin Thomson
- [Ohttp] Centralization and deployment models Vittorio Bertola
- Re: [Ohttp] Centralization and deployment models Martin Thomson