Re: [Patient] [EXT] Re: [saag] Internet Draft posted as requested -

Brian Witten <brian_witten@symantec.com> Mon, 18 December 2017 23:01 UTC

Return-Path: <brian_witten@symantec.com>
X-Original-To: patient@ietfa.amsl.com
Delivered-To: patient@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0384912AF77; Mon, 18 Dec 2017 15:01:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.231
X-Spam-Level:
X-Spam-Status: No, score=-4.231 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=symc.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UoUE9ESz6Qbn; Mon, 18 Dec 2017 15:01:21 -0800 (PST)
Received: from asbsmtoutape01.symantec.com (asbsmtoutape01.symantec.com [155.64.138.35]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1B2DA126C3D; Mon, 18 Dec 2017 15:01:21 -0800 (PST)
Received: from asbsmtmtaapi02.symc.symantec.com (asb1-f5-symc-ext-prd-snat9.net.symantec.com [10.90.75.9]) by asbsmtoutape01.symantec.com (Symantec Messaging Gateway) with SMTP id 19.CB.35258.0C8483A5; Mon, 18 Dec 2017 23:01:20 +0000 (GMT)
X-AuditID: 0a5af819-80ab69c0000089ba-57-5a3848c0a18f
Received: from tus3xchcaspin01.SYMC.SYMANTEC.COM (asb1-f5-symc-ext-prd-snat8.net.symantec.com [10.90.75.8]) by asbsmtmtaapi02.symc.symantec.com (Symantec Messaging Gateway) with SMTP id CA.AC.04178.0C8483A5; Mon, 18 Dec 2017 23:01:20 +0000 (GMT)
Received: from TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) by tus3xchcaspin01.SYMC.SYMANTEC.COM (10.44.91.13) with Microsoft SMTP Server (TLS) id 15.0.1236.3; Mon, 18 Dec 2017 15:01:19 -0800
Received: from NAM03-DM3-obe.outbound.protection.outlook.com (10.44.128.2) by TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) with Microsoft SMTP Server (TLS) id 15.0.1236.3 via Frontend Transport; Mon, 18 Dec 2017 15:01:19 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=symc.onmicrosoft.com; s=selector1-symantec-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=wuergpblpOnf/6hDPvUboO0VPbx80m7S9xDiAcJp64s=; b=kNzX1X/4xr6X/QFMWaX6MydqmgpjWPGQL4cK80+wvM8Y8jvaYvcnQRXDcz2t36lDVcR94SzkypDIWMURbekOei/5+86N33Z4yarjuUgcHn3MeduDjAzXSX4BmxBVG4Rk0yAH83nSRSZB00WCc2QqpEYTeZa0Pc9rekc6G+Dx3rg=
Received: from MWHPR16MB1488.namprd16.prod.outlook.com (10.175.4.146) by MWHPR16MB1488.namprd16.prod.outlook.com (10.175.4.146) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.302.9; Mon, 18 Dec 2017 23:01:17 +0000
Received: from MWHPR16MB1488.namprd16.prod.outlook.com ([10.175.4.146]) by MWHPR16MB1488.namprd16.prod.outlook.com ([10.175.4.146]) with mapi id 15.20.0302.017; Mon, 18 Dec 2017 23:01:17 +0000
From: Brian Witten <brian_witten@symantec.com>
To: Paul Wouters <paul@nohats.ca>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
CC: "patient@ietf.org" <patient@ietf.org>, "saag@ietf.org" <saag@ietf.org>
Thread-Topic: [EXT] Re: [saag] [Patient] Internet Draft posted as requested -
Thread-Index: AQHTeDShd1yZtpRskESPqueRR6NGWqNJtPZv
Date: Mon, 18 Dec 2017 23:01:17 +0000
Message-ID: <MWHPR16MB148895BB902590E617D68B12930E0@MWHPR16MB1488.namprd16.prod.outlook.com>
References: <MWHPR16MB14881688FE400E3277CA8A9393310@MWHPR16MB1488.namprd16.prod.outlook.com> <MWHPR16MB14889B7535153E5844649CA393370@MWHPR16MB1488.namprd16.prod.outlook.com> <MWHPR16MB14880A12D15AC58FDD5CEC8793370@MWHPR16MB1488.namprd16.prod.outlook.com> <MWHPR16MB1488D43F3B53BC7BBE9D836593370@MWHPR16MB1488.namprd16.prod.outlook.com> <MWHPR16MB1488853B0E4F7BB8E557288D93370@MWHPR16MB1488.namprd16.prod.outlook.com> <MWHPR16MB148845FB069D03625BC399B193370@MWHPR16MB1488.namprd16.prod.outlook.com> <MWHPR16MB1488848D7AC828EBB8DA90B093350@MWHPR16MB1488.namprd16.prod.outlook.com> <DM5PR16MB148477E1FAA4C210A3B013F7930A0@DM5PR16MB1484.namprd16.prod.outlook.com> <dfdb52ca-81ae-50b7-cd5f-e256b5cb047d@cs.tcd.ie> <AF4C62E0-61AB-45DB-B3E6-56AB67A1070A@telefonica.com> <d47e82af-5c6f-9be5-4226-4d6713701148@cs.tcd.ie> <CE03DB3D7B45C245BCA0D243277949362FE1ED76@MX307CL04.corp.emc.com> <19005081-c8fc-8090-d6f6-ab61855db793@cs.tcd.ie>, <alpine.LRH.2.21.1712181354310.27010@bofh.nohats.ca>
In-Reply-To: <alpine.LRH.2.21.1712181354310.27010@bofh.nohats.ca>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=brian_witten@symantec.com;
x-originating-ip: [155.64.38.94]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR16MB1488; 6:ZcWKtlTEoQZ8KnN+O0dJ2CoD8lJ6+yccLN44xhBJlcwdp7pdpfmK20zPAti4MHbtwDFGXdNskacD09I2jC0ASYK9oqGM1ir9broCi4WJT+Fgpzvjl5SqKi7+cCqMQf23uiG4q/2R0qsCIKX/sXSPzQr5Gj/UmZi40LoSyMGct+M2dqgOpVOR19f3nTk/m2nR8rQBjaBiUCZJO77XtCVjxyL9fXpSDvH0uYwWjpmbUsDODBZg3C2C+4brN8DIPI52BoGs/4raYXKgqJr+AzH9ymjHUHBM0SlLCdYqGsMxsY9NnBCR3Mm7lswPpkJDLMIaoW0H4Eq9rdVxm6Y9SAtICjhgMpzjvxT1qeTYPsu8et0=; 5:65JPDqwjah0YFi5MxwpHAKTThN9qq9gLDCHhMU8i6p1LhdGzPtiQ7AkHhQ7I21a02PiTLD+aQ0Z+UvgIZ/heYlEANixJrz0ne4bgK9/Tybkqdr3CHpuc7NoHyQM+FMNEj/zJImb3nmuPMQoaoG9EVCMsQ+KOb39lDEj3GY+nvfM=; 24:+cQY29R+H/NoksclwXiC+gmOuBNhpCT7ScQ5pFPA+pQrXX1Y95HJqcKvTLhkGYL+0zEd/hmgfqHpajfmFWXyqxvHMgQ8qdyB4eMx5/nVJ1U=; 7:uvaCaXQ0sGNlYZzaXxXAV1MI1/uZKm8wP1wKPvofDSH8KEp0XMlUvjnYrbMt07TjmgbffqF5Gk8IYGbTA5Xx/AC5inqomr4eA3eAL7HcLKvij0chQYuwr7jLt3j2ezbJGKHQ6dgrk5Xs9EaIDPFEH4kwMwpLdz01jmSuAug5rRxaOiS2jHQnPAWa0NUccUslGDQlvGpq+ZXC9kajv9T67O8JXSKsX7LQU8dFpPgMEbndgNL0AY2a/XtW9BYsxIlx
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 0e389f8c-9e05-49f6-65f2-08d5466b3efe
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(5600026)(4604075)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(2017052603307); SRVR:MWHPR16MB1488;
x-ms-traffictypediagnostic: MWHPR16MB1488:
x-microsoft-antispam-prvs: <MWHPR16MB14889EE115C2A2D3E0326AE6930E0@MWHPR16MB1488.namprd16.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(72170088055959)(258766100185102)(100405760836317);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040450)(2401047)(8121501046)(5005006)(3002001)(10201501046)(3231023)(93006095)(93001095)(6041248)(20161123564025)(20161123555025)(20161123558100)(20161123560025)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:MWHPR16MB1488; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:MWHPR16MB1488;
x-forefront-prvs: 0525BB0ADF
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(396003)(346002)(366004)(39860400002)(43784003)(189003)(199004)(24454002)(7736002)(54906003)(2900100001)(110136005)(74316002)(97736004)(6506007)(93886005)(966005)(14454004)(305945005)(99286004)(53546011)(76176011)(316002)(59450400001)(7696005)(2950100002)(6306002)(105586002)(3846002)(6116002)(77096006)(102836003)(68736007)(575784001)(3660700001)(9686003)(10290500003)(478600001)(8676002)(81156014)(66066001)(81166006)(106356001)(2906002)(53936002)(4326008)(5660300001)(6246003)(6436002)(3280700002)(229853002)(33656002)(8936002)(55016002)(25786009)(86362001)(9010500006); DIR:OUT; SFP:1101; SCL:1; SRVR:MWHPR16MB1488; H:MWHPR16MB1488.namprd16.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: symantec.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 0e389f8c-9e05-49f6-65f2-08d5466b3efe
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Dec 2017 23:01:17.4160 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 3b217a9b-6c58-428b-b022-5ad741ce2016
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR16MB1488
X-OriginatorOrg: symantec.com
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprDKsWRmVeSWpSXmKPExsXCFeXNqXvAwyLK4P9EPouXB4wt3t+6xGQx pb+TyWL63mvsDiwea7uvsnksWfKTyeP7PKYA5igum5TUnMyy1CJ9uwSujL+/drMVnFequNR2 jamB8Y5MFyMnh4SAicS3i7/Yuxi5OIQEPjJKHNj0hRUm0fK+gw0i8Z1R4uHzWYwgCSGBo4wS P897QiReMEoc/XaSGcRhEehklni5cxkrRNUUJolH0+Ihqo4wSix59wKsnU1AT+Lo3ztgRSIC fhI7l10AizMLeEl8mvucBcQWBopfed8GVRMo8fPyDSCbA8g2krh4KwokzCKgKvHry0GwEl6B GIkl+zqYIHa9ZpdYPe8g2ExOAUeJ38cfsYHYjAJiEt9PrWGC2CUucevJfCaIPwUkluw5zwxh i0q8fPyPFaI+RuLU2ldQcQWJRT/boGxZiUvzuxlBlkkIHGKXOPP9G9QgPYmtE98yghwqIeAr 8bDNBqJmCaPEjgOn2SBqtCSWN01hg6jJlrg6wXYCo/EsJCdB2HoSN6ZOYYOwtSWWLXzNPAvs T0GJkzOfsCxgZFnFqJBYnFScW5JfWpJYkGpgqFdcmZsMIhKBKSZZLzk/dxMjOM38kNzBeOSE zyFGAQ5GJR5eCV2LKCHWxDKgykOMEhzMSiK8fmfNo4R4UxIrq1KL8uOLSnNSiw8xSnOwKInz TvqmFiUkkJ5YkpqdmlqQWgSTZeLglGpgbI9qCj0yX7TUsf/pz8NPqvhNZt3sFUl/mfYk6XNo yoa7h1Zs1Sgv0zvsar/x+k+bo2ktM3Vez+xf2bx5X+yVBMXTlZq3jeRC94TP1/NPustmx/F6 nqF/5vPfKw583Pnu5fQd+z46+yS92Dp7SZ71z2oJiyDJgPVB76u6dt4WVBf7kKTTLDX9vRJL cUaioRZzUXEiAEW972cvAwAA
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpkleLIzCtJLcpLzFFi42LhivLm0D3gYRFlcPQPl8XLA8YW729dYrKY 0t/JZDF97zV2BxaPtd1X2TyWLPnJ5PF9HlMAcxSXTUpqTmZZapG+XQJXxt9fu9kKzitVXGq7 xtTAeEemi5GTQ0LARKLlfQdbFyMXh5DAd0aJh89nMYIkhASOMkr8PO8JkXjBKHH020lmEIdF oJNZ4uXOZawQVVOYJB5Ni4eoOsIoseTdC7B2NgE9iaN/74AViQj4SexcdgEszizgJfFp7nMW EFsYKH7lfRtUTaDEz8s3gGwOINtI4uKtKJAwi4CqxK8vB8FKeAViJJbs62CC2PWaXWL1vINg MzkFHCV+H3/EBmIzCohJfD+1hglil7jErSfzmSD+FJBYsuc8M4QtKvHy8T9WiPoYiVNrX0HF FSQW/WyDsmUlLs3vZgRZJiFwiF3izPdvUIP0JLZOfMsIcqiEgK/EwzYbiJoljBI7Dpxmg6jR kljeNIUNoiZb4uoEW4hwrkTL8R3MEPULmIEB95dlAqP+LCS3Qth6EjemTmGDsLUlli18zTwL HACCEidnPmFZwMiyilEhsTipOLcktyQxsSDTwEivuDI3GUQkAlNMsl5yfu4mRnCa+S2+g/Hc H59DjAIcjEo8vDOumkcJsSaWAVUeYpTmYFES532swRQlJJCeWJKanZpakFoUX1Sak1p8iJGJ g1OqgTHo3CnZzOSuGJH13zPKrKf/yA8v4c7qXD1xVcVdRe4y5TM31IsKmLbk59WssLzPa846 k6FSSOkPa9GTnZd9JRiL7s7gKL7CVTfh3+sr7Xt++RQaMUz30jzldcJ7Y99VwVOFZ0pPal// r1ZoyyN36kTSFaeXmjcOVcVlb3pawtG/8IR57CbvrUosxRmJhlrMRcWJAJB88EIUAwAA
X-CFilter-Loop: ASB04
Archived-At: <https://mailarchive.ietf.org/arch/msg/patient/YeoRxvB4UX1syp9QxXWYNq6xOPM>
Subject: Re: [Patient] [EXT] Re: [saag] Internet Draft posted as requested -
X-BeenThere: patient@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Protecting against Attacks Tunneling In Encrypted Network Tunnels <patient.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/patient>, <mailto:patient-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/patient/>
List-Post: <mailto:patient@ietf.org>
List-Help: <mailto:patient-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/patient>, <mailto:patient-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Dec 2017 23:01:24 -0000

Hi Paul,

Thanks Again.

Re, "...NOT be in the possession of any private key material that will allow it to impersonate the client identity to a remove (sic, remote) server," I believe this could be achieved through "mutual authentication leveraging client-side certs," where the client-side certs are provisioned either through in-factory credential-provisioning, which is quite common in IOT today, or through some other provisioning mechanism, such as Enterprise PKI or how some banks do "out-of-band" (OOB) credential provisioning to client devices.  Of course, the keys & roots need to be set up properly so that the server can verify the client-side credentials and the Protection Service can't forge such credentials, but that's straight forward.  That would seem to prevent impersonation.  Also, the client could then also it use it's Private Key to sign anything it sends back to the server, "akin to Stickler, but providing end2end integrity protection from the client back to the server."  Please LMK if you disagree?

Either Way, Thank You Again!

Brian

   



From: saag <saag-bounces@ietf.org>; on behalf of Paul Wouters <paul@nohats.ca>;
Sent: Monday, December 18, 2017 11:15 AM
To: Stephen Farrell
Cc: patient@ietf.org; saag@ietf.org
Subject: [EXT] Re: [saag] [Patient] Internet Draft posted as requested -
  

On Mon, 18 Dec 2017, Stephen Farrell wrote:

> If the proponents of these mitm schemes honestly and openly
> faced up to such issues and argued for another decades-long
> arms-race and acknowledged the downsides (e.g. assisting
> censorship, breaking all sorts of application assumptions,
> and enabling pervasive monitoring) of mitm'ing https and/or
> tls then that at least would be credible. It'd still be a bad
> plan, but at least one for which we could discuss the technical
> (de)merits and not have to deal with the nonsense claims such
> at the one we both noted above.

If we did an use-cases document for this, to seperate the technical
aspects from the business aspects, the first item I would insist on
would be:

- Protection service MUST NOT be in the possession of any private
   key material that will allow it to impersonate the client identity
   to a remove server. If a client wants to delegate this responsibility,
   it MUST be able to communicate this to the server and the server MUST
   be able to deny such a request (upon which the client may decide to
   close the connection)

The problem here is that providers of these services don't want to double
the traffic load where the client decrypts then forwards for blessing.
But simply insisting that decryption has to move to the network service
isn't going to work.

Another way to accomplish this would be to have signed web pages,
so clients could send hashes for verification. But in today's dynamic
web that is also pretty problematic and would require major changes.
Of course it has the benefit of the provider not even being able to
read the users content.

The IETF discussion should not center around the business model, but
should center around designing (or not) a useful new protocol or
existing protocol modification that addresses a well defined issue.
Instead, I hear about desires and potential business models and how
some of our new technology has affected existing business models.

I also detect a culture clash where I see a lot of praise to proponents
and opponents without technical backing. At the IETF, we try to
reach consensus based on technical merit, for example by stating you
agree or disagree with certain items and why, and don't do "me too"
messages to get a count.

Paul

_______________________________________________
saag mailing list
saag@ietf.org
https://clicktime.symantec.com/a/1/fiazdLFK3QUq7FT-i8r9StLrGbk9GfOa_1goF9ohiHM=?d=pDpEfizpaOoyRJu2SzY3dci6RLYb38UoHcO56rWd_Waa-XH4XaU_PbZEq2F_Ots1eFq9hFcrLyPIEy48XVNkNuVNaOs-hoRY9sYCvwwTKpc4f-YKEqzZth1bnGLIzloRCg-0QnQdNv56mIQtGktlHz8TajPdmMikqWjbs6jf4VPYjcczDAj9jNyaxcx2IKQYHLloy8tT3EpQiziv7EBh2XdL0QhQnkkhSzCFPg_DkAVAp0nHRv2IKkK8evQNjlGIG5n4l5H7ZK-c5O7bxd8T5NvfXPwX_fA1aXxbKcyxcBBCAsuxquW-NErNyP3CsvoqB9y33t-tWDXxs9RHYaIEEdCZpVKVj6nws46A-ieYJWuMViPN3fvhBKGW1VS3xyIUDcLeTBbhiy_-WdDGzGvoxW-BueESNFM%3D&u=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fsaag