Re: [Patient] [saag] Internet Draft posted as requested -

Paul Wouters <> Mon, 18 December 2017 19:15 UTC

Date: Mon, 18 Dec 2017 14:15:07 -0500 (EST)
From: Paul Wouters <>
To: Stephen Farrell <>
List-Id: Protecting against Attacks Tunneling In Encrypted Network Tunnels <>

On Mon, 18 Dec 2017, Stephen Farrell wrote:

> If the proponents of these mitm schemes honestly and openly
> faced up to such issues and argued for another decades-long
> arms-race and acknowledged the downsides (e.g. assisting
> censorship, breaking all sorts of application assumptions,
> and enabling pervasive monitoring) of mitm'ing https and/or
> tls then that at least would be credible. It'd still be a bad
> plan, but at least one for which we could discuss the technical
> (de)merits and not have to deal with the nonsense claims such
> as the one we both noted above.

If we did a use-cases document for this, to separate the technical
aspects from the business aspects, the first item I would insist on
would be:

- Protection service MUST NOT be in the possession of any private
   key material that will allow it to impersonate the client identity
   to a remote server. If a client wants to delegate this responsibility,
   it MUST be able to communicate this to the server and the server MUST
   be able to deny such a request (upon which the client may decide to
   close the connection).

The problem here is that providers of these services don't want to double
the traffic load where the client decrypts then forwards for blessing.
But simply insisting that decryption has to move to the network service
isn't going to work.

Another way to accomplish this would be to have signed web pages,
so clients could send hashes for verification. But in today's dynamic
web that is also pretty problematic and would require major changes.
Of course it has the benefit of the provider not even being able to
read the user's content.

The IETF discussion should not center around the business model, but
should center around designing (or not) a useful new protocol or
existing protocol modification that addresses a well-defined issue.
Instead, I hear about desires and potential business models and how
some of our new technology has affected existing business models.

I also detect a culture clash where I see a lot of praise to proponents
and opponents without technical backing. At the IETF, we try to
reach consensus based on technical merit, for example by stating you
agree or disagree with certain items and why, and don't do "me too"
messages to get a count.