IETF Logo Mail Archive

[OPSEC] Request comments and discussion for draft-camwinget-tls-ns-impact

"Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com> Wed, 04 March 2020 02:18 UTC

Return-Path: <ncamwing@cisco.com>
X-Original-To: opsec@ietfa.amsl.com
Delivered-To: opsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3BB1D3A0BBD for <opsec@ietfa.amsl.com>; Tue, 3 Mar 2020 18:18:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.599
X-Spam-Level:
X-Spam-Status: No, score=-9.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=KhmxsR6X; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=mNtRBSn4
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6ERUvT_YkQ3t for <opsec@ietfa.amsl.com>; Tue, 3 Mar 2020 18:18:11 -0800 (PST)
Received: from alln-iport-2.cisco.com (alln-iport-2.cisco.com [173.37.142.89]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B59A73A0BBA for <opsec@ietf.org>; Tue, 3 Mar 2020 18:18:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4253; q=dns/txt; s=iport; t=1583288291; x=1584497891; h=from:to:subject:date:message-id:mime-version; bh=iVFgQ0SzqijnuXncceFVP2wO9wpwCCCjnbW6RK1IUPE=; b=KhmxsR6XF7k5H0oISUr8EXmCxOWRxil5RnDLN9jZWGcGWRpL6Mn53J4B DiYsKlYrdurtPz5n7HIq7nn3EoM15CYECwqzA1j8EcxV9WmJg7ixXZSmN +PqF2iYcgjdT71vN7oWcDxeO487CX5ZXwG2LXpGtTxtYz0nkS9fQv7pjx k=;
IronPort-PHdr: 9a23:H+5K0RFCDB99Bx3y9GADj51GYnJ96bzpIg4Y7IYmgLtSc6Oluo7vJ1Hb+e4z1Q3SRYuO7fVChqKWqK3mVWEaqbe5+HEZON0pNVcejNkO2QkpAcqLE0r+efjhZiklHcJNfFRk5Hq8d0NSHZW2ag==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BMGQC+Dl9e/5pdJa1mH4NHL1AFbFggBAsqhBSDRgOKaE6VRIRiglIDVAkBAQEMAQEjCgIEAQGEQBmBZSQ4EwIDDQEBBQEBAQIBBQRthVYBC4V8ER0BATgRAQwxDQIEMCcELgeDBAGBfU0DLgEOogUCgTmIYnWBMoJ/AQEFgUNBQIJGGIIMAwaBOIUghwUaggCBOCCCTYEpGQGBXwIDAYIOgmSCXpBmhXCZSgqCPASHTo8UHJsxRI4uiHySTwIEAgQFAg4BAQWBaSKBWHAVZQGCQVAYDY41g1uFFIVBdIEpjz8BAQ
X-IronPort-AV: E=Sophos;i="5.70,511,1574121600"; d="scan'208,217";a="455768725"
Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by alln-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 04 Mar 2020 02:18:10 +0000
Received: from XCH-RCD-002.cisco.com (xch-rcd-002.cisco.com [173.37.102.12]) by rcdn-core-3.cisco.com (8.15.2/8.15.2) with ESMTPS id 0242I2a0008130 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL) for <opsec@ietf.org>; Wed, 4 Mar 2020 02:18:09 GMT
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by XCH-RCD-002.cisco.com (173.37.102.12) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 3 Mar 2020 20:18:07 -0600
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 3 Mar 2020 21:18:07 -0500
Received: from NAM12-DM6-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Tue, 3 Mar 2020 20:18:07 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mMOyUFZQLmCUx1GzEDHRZT4mYEXu4397Yb1BpigC1LDm/jeA7VF1OFD5nxhbHj9qjv36cFHlxWTlyYvFgstlW4jyNhMMfbTquN5T6Nv2eBg9ffU82I5oWv3sYasZMeaxUplRFOGMh63M8NBO+WlUnDIwuWr7QCUnrBl1lJnzcZq2sri2m7+ApOWMd+mL9GzEBKYtRbpr0Xcquam5uj78sycVa777ZLPRRiieYMiEUzhfT8CwyLGno2Tjg3QzOe4XT8ovAlSwaR9dREmEPjg7yFcmPqTQFYVJBEf9ESBd2iHUJYlqsBcNR+rCepN7jrL43D6IFiw3+dZHK6IXBNvOTQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;bh=iVFgQ0SzqijnuXncceFVP2wO9wpwCCCjnbW6RK1IUPE=; b=SZ2QXk8ZTlNpI3owA92wBqK/sesqXGjSV+BBQTbUovbCQYIa0I4nijLr0nY7ibS1Y3l0EieaF4/ECMsQhdOthM6xbCpRKygIYYKWkFM2HO7NW3PjoOQlLwB9wqH05zYCa2fozr8c2GIWsr7PSeyPigMByYRDuK6Un/2/Ga+/J9dkverFeQUr3CuAyYrcj2YOLiw5U/CUZGndd9PgYX0CVUqdz79ZsMQ/I5JUaoX1sAkEDQ1uEqvMOPI862JMpR+xtsuV9apA6mgrBLZ7V94rGF1CYahYzfgaSH89QyVbd8Ll+R5bBtrsyLHqRq+6oTPoBPoDh0ptAFSWN7osGKJsUw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iVFgQ0SzqijnuXncceFVP2wO9wpwCCCjnbW6RK1IUPE=; b=mNtRBSn4jv+ZfnAcL3d3NblOeddWaH2HDqO4t541wHyCFPeINKogrYVF+b9HHWwA1Dh+pWk/iCTNqBKXnHOabW5sUFzAagg6HrUL3NMfMK/lHq4CVK8Q6a4t7bIdBYU3kHzzCFf+csi9mR85Rm9Vn/1dMw53dxit8rUcHRXereM=
Received: from BY5PR11MB4070.namprd11.prod.outlook.com (2603:10b6:a03:181::16) by BY5PR11MB4183.namprd11.prod.outlook.com (2603:10b6:a03:18e::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2772.14; Wed, 4 Mar 2020 02:18:06 +0000
Received: from BY5PR11MB4070.namprd11.prod.outlook.com ([fe80::30a9:3a20:96f7:a1e7]) by BY5PR11MB4070.namprd11.prod.outlook.com ([fe80::30a9:3a20:96f7:a1e7%7]) with mapi id 15.20.2772.019; Wed, 4 Mar 2020 02:18:06 +0000
From: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>
To: "opsec@ietf.org" <opsec@ietf.org>
Thread-Topic: Request comments and discussion for draft-camwinget-tls-ns-impact
Thread-Index: AQHV8csjPCc2ri87eUiwsjydupKeww==
Date: Wed, 04 Mar 2020 02:18:05 +0000
Message-ID: <DC776DEE-D5DC-46CD-BDBE-114990494486@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.10.13.200210
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ncamwing@cisco.com;
x-originating-ip: [2001:420:c0c8:1003::60d]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 231dff58-7d23-4833-25de-08d7bfe24670
x-ms-traffictypediagnostic: BY5PR11MB4183:
x-microsoft-antispam-prvs: <BY5PR11MB4183D84F555692C67EDDDB74D6E50@BY5PR11MB4183.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:4941;
x-forefront-prvs: 0332AACBC3
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(376002)(396003)(366004)(39860400002)(346002)(136003)(189003)(199004)(6486002)(71200400001)(81166006)(8676002)(81156014)(6512007)(66446008)(64756008)(4744005)(86362001)(76116006)(5660300002)(66556008)(66946007)(6506007)(66476007)(966005)(8936002)(316002)(33656002)(186003)(2616005)(36756003)(6916009)(2906002)(478600001); DIR:OUT; SFP:1101; SCL:1; SRVR:BY5PR11MB4183; H:BY5PR11MB4070.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: LdUPgiajE2VRDG4Yz14mo0jLYJg25/wyN6uuO05FVw3CMB0pKtHAbEIcOELg2XFSCKYlo8ZuKV4w1U51tTTEz2AIiV8t4i61yzhrS+yUs5CrEHzxTwI34oReu78Xp0PcTg6C0ogpfQsI8FEGzGeWmpnsL0e9fQc8+V8YERjYzVmdFBYIs1/vKPca9M0BP25EaezqCIKFhyQbNHHWPHpkVtXdwX16TntFfpwgT71DPTb6rf892+ws3HH56VKNzTZhVv3hEXE9Mk0SBBCo1AR82KDrLTME2KXrupj4Tn90qSgJkhe+QsF4ZCgcAaB5DRCM2d/OHssfMVTYiNYH0VvKawzO+gF95FpQEZkBiYXPFnHJQvq1z2zJCu1ZsrMHCauU7M7xbhKf9oKN9sW/UuhmFjVQ+RWYZV9SjfoxaKknBu44OBlkQTZHZGZkaa8CsdWeQ+wA4Z81/7y7/SujwKKm4cuc6n20XCOPl3GpXvKQAQhHAGIPIgkwFftMa+zbmuZv8jHNYqYkcoJuOEGHLCwunw==
x-ms-exchange-antispam-messagedata: fO30g3J5b2hPAhURubEIuqUvpUpg/s0g3J41QuOJ6I8r2U0uqPtj9PIdMjIsds4JfouBa89lOIC5Zj2ihmE1H/GZG+QNQHsm3PW0ik9gg+FtlQhq95n4EDQPfE6PsRXC/KZ+b/lZkXWkCOL1IShLnwAuMEuXIzEtN2JyczaOJBs=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_DC776DEED5DC46CDBDBE114990494486ciscocom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 231dff58-7d23-4833-25de-08d7bfe24670
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Mar 2020 02:18:05.9314 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: JbJNHsH/lAZBM/aRdPl1L3bom8vNpcoq+1ZPP4Sj99VYKBXe2aYYSARgKY0xoncy1i4c4yrUU0buMJ2s4l8oNg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR11MB4183
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.12, xch-rcd-002.cisco.com
X-Outbound-Node: rcdn-core-3.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/GkSgkHStvNR_4lyE1Udk4gWb3Us>
Subject: [OPSEC] Request comments and discussion for draft-camwinget-tls-ns-impact
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsec/>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Mar 2020 02:18:13 -0000

Hello OPSEC participants,

Given the trends to improve on security and privacy, we thought it important to also
document how network security solutions are used and how they interact with TLS.
We have submitted https://datatracker.ietf.org/doc/draft-camwinget-tls-ns-impact/
and believe it is appropriate to discuss in this working group.

Warm regards,  Nancy (and my co-authors)

v2.23.0 | Report a Bug | By Email