Re: [Patient] [saag] Internet Draft posted as requested -

["Diego R. Lopez" <diego.r.lopez@telefonica.com>]

Hi Stephen,

I agree we should not bore the list (and ourselves) repeating the disagreements we have. Those are the kind of discussions for the third or fourth beers...

Just let me remark a couple of things I have seen when reviewing today's messages that I think are worth noting:

1) You do not need to break TLS or HTTPS, as there are potential alternatives that could be applicable, depending on the case. For IoT environments I foresee multiparty security could be a reasonable choice. For personal environments, I think Paul's idea of decrypt-and-bless could be something interesting to explore. And replying to Melinda, those proposals do not imply sharing session keys (though there is a draft on enterprise datacenters arguing for a related approach that I think has a solid case behind...) In summary: there are options on the table that deserve some attention, and do not imply breaking TLS

2) What I had in mind when replying to you was not arbitrary routers, or WiFi Aps, or any other network box being authorized to inspect encrypted traffic. I foresee a single (or very few) edge devices that are properly authenticated, authorized (in a PoC we have we even attest their software...) using the same kind of TTPs you mention.

Be goode,

--
"Esta vez no fallaremos, Doctor Infierno"

Dr Diego R. Lopez
Telefonica I+D
https://www.linkedin.com/in/dr2lopez/

e-mail: diego.r.lopez@telefonica.com
Tel:         +34 913 129 041
Mobile:  +34 682 051 091
----------------------------------
On 18/12/2017, 01:23, "Stephen Farrell" <stephen.farrell@cs.tcd.ie> wrote:


    Diego,

    I generally disagree with some of your earlier points where
    you disagree with me:-) I do agree that there are hard
    problems with updates and bugs in general for endpoints and
    devices in the middle. I don't agree that breaking TLS or
    HTTPs is a viable way to improve that, It'd make it worse.
    But rather than repeat things I've said to you in person
    before, for this threat, maybe it is work saying that the
    proponent here claimed to be interested in a new multiparty
    security protocol (in the mailing list description) which
    could have been a worthy, if unlikely to succeed endeavour.
    In Singapore, I concluded that they are primarily or maybe
    only interested in the web as used by people and in mitm'ing
    that. So personally I think the separate mailing list would
    be better closed down as it seems to have been started on
    the basis of some confusion wrt folks' goals.

    On 17/12/17 23:19, Diego R. Lopez wrote:
    >
    > I am afraid I don’t follow you here… What do you mean by “random
    > name/address that claims to be “good””? Given there are appropriate
    > roots of trust, how is this “random” trust different from the
    > certificate verification process in TLS?
    The difference in the above context is the the proponents
    here want TTPs that tell lies all the time, and that are
    so wide-spread and not well-known that they appear to the
    endpoints indistinguishable from a random router. The public
    Web PKI TTPs we have are far from perfect but at least they
    don't do that so far.

    There also appears to be some magical thinking that allows
    some proponents to say that they think these new lies can
    benefit the user and give the user more control. I have no
    clue how that can reflect a genuine technical opinion.

    S.





________________________________

Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción.

The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it.

Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição