Re: [Patient] [saag] Internet Draft posted as requested -

Bret Jordan <jordan.ietf@gmail.com> Tue, 19 December 2017 20:53 UTC

To: Melinda Shore <melinda.shore@nomountain.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/patient/TRR009a4QkHIz14Wak823etkdgo>
List-Id: Protecting against Attacks Tunneling In Encrypted Network Tunnels <patient.ietf.org>

I have not heard anyone ask for or talk about weakening application-level security or TLS. What is being asked for and talked about is how does a client know and understand which network security devices are in line and what are they doing to their traffic.

Bret



> On Dec 18, 2017, at 23:49, Melinda Shore <melinda.shore@nomountain.net> wrote:
> 
> On 12/18/17 8:41 PM, Bret Jordan wrote:
>> While some members of this community may philosophically not like
>> network based protections or want all of the protections to reside on
>> the client,  [ ... ]
> 
> I think it is fair to say that this is a mischaracterization of
> the argument.  The issue here is with weakening application or
> transport security in order to allow middleboxes to work their
> magic.  That is to say, that's the tradeoff that's under discussion.
> 
> Melinda
> 
> 
> -- 
> Software longa, hardware brevis
> 
> PGP fingerprint: 795A 714B CD08 F996 AEFE
>                 AB36 FE18 57E9 6B9D A293
> 