Re: [Patient] DOJ first on encryption services

Eric Rescorla <ekr@rtfm.com> Sun, 18 March 2018 12:46 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: patient@ietfa.amsl.com
Delivered-To: patient@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 26AF31277BB for <patient@ietfa.amsl.com>; Sun, 18 Mar 2018 05:46:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.639
X-Spam-Level:
X-Spam-Status: No, score=-1.639 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, HTML_OBFUSCATE_05_10=0.26, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q69feuYZBuJU for <patient@ietfa.amsl.com>; Sun, 18 Mar 2018 05:46:30 -0700 (PDT)
Received: from mail-qt0-x236.google.com (mail-qt0-x236.google.com [IPv6:2607:f8b0:400d:c0d::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DFF7F126D3F for <patient@ietf.org>; Sun, 18 Mar 2018 05:46:29 -0700 (PDT)
Received: by mail-qt0-x236.google.com with SMTP id s2so252852qti.2 for <patient@ietf.org>; Sun, 18 Mar 2018 05:46:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=XLamRv0RGcSTjXuUxKlIgG1uRF89Rbpr6vxRk1Exr4o=; b=QD/y9HgR6YEus/+yl/jzdO7w79PTCnoJliPSePWkYoROk4KXiSsDN+ZpnOla8nzAl3 8LBDw2KVq+hC4Lu/td1XckiezOKPVvMFx95JZlsJhyKz+Yl/gQRkyW0Cbme8HYFj0yei SyUBADHkMGX3SfWTIC0b8r1xFqjxYpaS6/nUMx5NUTAC43aT+CR965SlKlQ2DWOFUhPc OZZJfZ3visJkUlK10QPXq9Infg+7wmSxTpdgEQAXYozcoTvMB2xenMvnXMictHltkChY rqHe3wCuk3j/x7VJ25woqYYyfroKBDU2S7RLbn6h//w7575ig3b6YD/aZx4Wc3q7LyRz vKKQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=XLamRv0RGcSTjXuUxKlIgG1uRF89Rbpr6vxRk1Exr4o=; b=KI6trx0CjZphNjE4fIJh47EewILH8o7/MuaQ6Q7CAMmBRu57+X4HSJR1hz/QPw9cvs WZYKLeVNubxAohiEm98ZcB8La2PXPTg6+EEQDwXB26MPq13YRNt41+x28iuGJ8F/Uak2 YiEHW/q/Djg5mji1pomMxKrX4V/4GKK8enLpR2WOG1xIue+qLrnwjHCmhC5Eahsrwqsy sy6ZTWwyV48tfRMSt4er4AlrQ50Ci4xPBQZfJkl87Ovp1+21AhzjsRmt30V7NVliPaXM Kh44pDAXrJpNEaUn/A0umGJ35SSFc52h5VbQhKZIqA92LLxFqzYUczLjrCSCXyUzDU81 BK5w==
X-Gm-Message-State: AElRT7FFW6ZQOw9ojW/cc4rawN5hSd7QAIDhKAhRTg1IylLA/kGEskay eZbxFkugahgmoSVGZAhKX0cs6X0lf6JXsbFrG/HNqw==
X-Google-Smtp-Source: AG47ELsZssN5ICMespGQHJGEtsSLjKH7ahBtKrcmFvkBH+mJL19RHRqyhEqg7NAtO8lNY8osoRd00M9XxR8VoK/uvbQ=
X-Received: by 10.200.42.177 with SMTP id b46mr12927063qta.321.1521377188942; Sun, 18 Mar 2018 05:46:28 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.200.37.234 with HTTP; Sun, 18 Mar 2018 05:45:48 -0700 (PDT)
In-Reply-To: <9d71af7a-cdf2-7590-6e12-e3207e2c4736@yaanatech.co.uk>
References: <02be9028-a8fd-f527-826b-5361de1470ce@yaanatech.co.uk> <F8164D9E-92C2-4440-BD06-6D81852918B8@telefonica.com> <9d71af7a-cdf2-7590-6e12-e3207e2c4736@yaanatech.co.uk>
From: Eric Rescorla <ekr@rtfm.com>
Date: Sun, 18 Mar 2018 12:45:48 +0000
Message-ID: <CABcZeBOyyr44-ED9MMhHtzPuTq-Xt_iYeJKs6vbOUN=Stjc==g@mail.gmail.com>
To: tony@yaanatech.co.uk
Cc: "Diego R. Lopez" <diego.r.lopez@telefonica.com>, Brian Witten <brian_witten@symantec.com>, "patient@ietf.org" <patient@ietf.org>
Content-Type: multipart/alternative; boundary="001a113b0328eaa82d0567af3ac3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/patient/vn53N34IEr_E0mcObxRU0Mdxqks>
Subject: Re: [Patient] DOJ first on encryption services
X-BeenThere: patient@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Protecting against Attacks Tunneling In Encrypted Network Tunnels <patient.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/patient>, <mailto:patient-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/patient/>
List-Post: <mailto:patient@ietf.org>
List-Help: <mailto:patient-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/patient>, <mailto:patient-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Mar 2018 12:46:32 -0000

On Sun, Mar 18, 2018 at 12:30 PM, Tony Rutkowski <tony@yaanatech.co.uk>;
wrote:

> Hi Diego,
>
> It is also worth referencing a relatively recent Lawfare article on the
> scaling litigation in the U.S. against those supporting e2e encryption
> services or capabilities.
> https://www.lawfareblog.com/did-congress-immunize-twitter-ag
> ainst-lawsuits-supporting-isis
>
> This litigation trend is also likely to increase the insurance costs of
> providers.  Indeed, a provider that supports TLS1.3, QUIC, SNI, etc, may
> not even be able to get insurance.  It may be fun and games to play crypto
> rebel in venues like the IETF where the risk exposure is minimal, but when
> it comes to real world consequences and costs, the equations for providers
> are rather different.


I think this rather overestimates the degree to which both TLS 1.3 and QUIC
change the equation about what a provider is able to determine from traffic
inspection. As a practical matter, the primary change from TLS 1.2 is that
the provider does not get to see the server's certificate, but it does see
the SNI. Given that the SNI contains the identity of the server that the
client is connected to and that the other identities in the certificate are
often whatever the provider decided to co-locate on the same machine, I'm
not sure how much information you are really losing.

-Ekr


>
>
> --tony
>
>
> _______________________________________________
> PATIENT mailing list
> PATIENT@ietf.org
> https://www.ietf.org/mailman/listinfo/patient
>