Re: [perpass] [TLS] wiretapping draft - collecting rebuttal arguments

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 11 July 2017 10:52 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C1127129AA0 for <perpass@ietfa.amsl.com>; Tue, 11 Jul 2017 03:52:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.301
X-Spam-Level:
X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fX6IyOQb6BDa for <perpass@ietfa.amsl.com>; Tue, 11 Jul 2017 03:52:15 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 302FE127180 for <perpass@ietf.org>; Tue, 11 Jul 2017 03:52:15 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 01680BF4E for <perpass@ietf.org>; Tue, 11 Jul 2017 11:52:14 +0100 (IST)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rsH3W0YrUPhW for <perpass@ietf.org>; Tue, 11 Jul 2017 11:52:13 +0100 (IST)
Received: from [134.226.36.93] (bilbo.dsg.cs.tcd.ie [134.226.36.93]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 9A241BF4C for <perpass@ietf.org>; Tue, 11 Jul 2017 11:52:13 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1499770333; bh=pS9De6MJ8rEQgei2mD1595nZdS6HC4Pm656YtVOBZL4=; h=From:Subject:To:References:Date:In-Reply-To:From; b=QLz1pSm/U/BZoMf4fAxw7qaupNpNw2n3ZBcMNmj5G+gi7y1s4EkENRV7pYGO595q5 L3TpA/npJyoNIu0oneiTsdsRN/uymo6VAsvh3pI11jklYVuusb8rqnKATKPaPS7rEN JdzFhwThomHF/SaF0KVaOqHVRrFvPBT/aqBeFxhI=
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: perpass <perpass@ietf.org>
References: <1777c26d-4e8c-453d-422e-b1f238105bd5@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <1b70288a-2ab9-c96a-7680-06f28ed3c6bf@cs.tcd.ie>
Date: Tue, 11 Jul 2017 11:52:10 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1
MIME-Version: 1.0
In-Reply-To: <1777c26d-4e8c-453d-422e-b1f238105bd5@cs.tcd.ie>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="0ejOef0WTXChs9jSBDeWFRFg2JsFliG4m"
Archived-At: <https://mailarchive.ietf.org/arch/msg/perpass/7Jyn9Lrlj1E6SJYaXTNTUtbcZxY>
Subject: Re: [perpass] [TLS] wiretapping draft - collecting rebuttal arguments
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Jul 2017 10:52:17 -0000

FYI. Contributions from folks here would be welcome
if you're interested,
Cheers,
S.

PS: This relates to ongoing discussion on the TLS list.

On 11/07/17 11:48, Stephen Farrell wrote:
> 
> Hiya,
> 
> I've asked the chairs for a slot in Prague to allow
> for rebutting the claims made by the proponents of
> the most recent wiretapping draft we're (sadly, still)
> discussing. [1]
> 
> So far the chairs seem un-keen, but I'm gonna keep
> asking as I think having a rebuttal for this kind
> of bad idea is needed. (And again, I'd prefer the
> chairs ditch the entire idea of discussing this at
> all.)
> 
> In any case, and perhaps with a view to longer-term
> documenting the arguments against the various "let's
> break TLS" proposals we continually see, I've started
> to collect some of those arguments in a github repo [2].
> 
> I would welcome contributions to [2] however folks
> would like to provide 'em (but ideally via PRs) so
> we can provide a nice crowd-sourced rebuttal in
> Prague, either as a presentation or via a lively
> mic-line if need be.
> 
> Cheers,
> S.
> 
> PS: I've just started on this, but will go through
> the list archive to extract others' arguments and
> add acks. Not sure if that'll get done before we
> end up in Prague but please do let me know if I've
> used an argument you made so I can ack that later.
> 
> [1] https://tools.ietf.org/html/draft-green-tls-static-dh-in-tls13-01
> [2] https://github.com/sftcd/tinfoil
> 
> 
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>