Re: [perpass] TLS/SSL Key Rotation
Yakov Shafranovich <yakov-ietf@shaftek.org> Wed, 04 September 2013 00:12 UTC
Return-Path: <yakov@shaftek.org>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6505D11E8151 for <perpass@ietfa.amsl.com>; Tue, 3 Sep 2013 17:12:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.914
X-Spam-Level:
X-Spam-Status: No, score=-2.914 tagged_above=-999 required=5 tests=[AWL=0.063, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GIqmmXCu89qF for <perpass@ietfa.amsl.com>; Tue, 3 Sep 2013 17:12:17 -0700 (PDT)
Received: from mail-vc0-f181.google.com (mail-vc0-f181.google.com [209.85.220.181]) by ietfa.amsl.com (Postfix) with ESMTP id 7583C11E8150 for <perpass@ietf.org>; Tue, 3 Sep 2013 17:12:17 -0700 (PDT)
Received: by mail-vc0-f181.google.com with SMTP id hz10so4608432vcb.12 for <perpass@ietf.org>; Tue, 03 Sep 2013 17:12:08 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc:content-type; bh=mnbDQg02O9YKLSdmWr0tyrEGDAT6SzN8imT5GBvTuZQ=; b=bNZL+bMVu6grHrFswQxs6TEGn8/WA6vRo2YefqVyXDUhTk5G6nWemjLmnzjjVUWyGI N0OFTVGGFB1uWuBGbMIosjaUOZiV8JBq3Li/V4P6OcPMVpI8gSLgUrssc41NLWXn/ltp +ZXV/7y4SFnZexcI+O4r2gNBqhN7RWAa3MIPobkOrlx1tXEyxutSuf67s21mJe7XfZZ7 wak0G3c6IZhiNFVsSSYs8x6qV8lzk+g95moXg5ugu4I5jqEa/G0+MAyBmd+npe21tUY8 eiSH7T8guHNhxgSwWiDUjV7e+hcUbxE0yW7yi+wzI2cZlW+HSNQlHnbmWadZRtFg7c8/ aQ5A==
X-Gm-Message-State: ALoCoQk+DW6ocItGkyGCYrSqP4pf2619UXo8OgEnf4L2kxdRSv9uh1nW6jD3rlWt4fUl+ixIv3LH
X-Received: by 10.52.228.202 with SMTP id sk10mr1010vdc.111.1378253528225; Tue, 03 Sep 2013 17:12:08 -0700 (PDT)
MIME-Version: 1.0
Sender: yakov@shaftek.org
Received: by 10.52.183.4 with HTTP; Tue, 3 Sep 2013 17:11:38 -0700 (PDT)
X-Originating-IP: [96.244.132.139]
In-Reply-To: <52267424.3090402@cs.tcd.ie>
References: <CAPQd5oRJK60472CC3ZPT38QZo7Ld8TjN545-JQLasuDDNAfVDw@mail.gmail.com> <52267424.3090402@cs.tcd.ie>
From: Yakov Shafranovich <yakov-ietf@shaftek.org>
Date: Tue, 03 Sep 2013 20:11:38 -0400
X-Google-Sender-Auth: NNh0vS0cWu2jbi70qF7ngk8Tzy8
Message-ID: <CAPQd5oRLbztAc-TUo2g+datsAUagAgVF4XZbWdZTJxusFPumzQ@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: perpass@ietf.org
Subject: Re: [perpass] TLS/SSL Key Rotation
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The perpass list is for discussion of the privacy properties of IETF protocols and concrete ways in which those could be improved. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Sep 2013 00:12:23 -0000
On Tue, Sep 3, 2013 at 7:43 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: > On 09/04/2013 12:18 AM, Yakov Shafranovich wrote: >> On Tue, Sep 3, 2013 at 8:47 AM, Stephen Farrell >> <stephen.farrell@cs.tcd.ie> wrote: >>> On 09/03/2013 01:11 PM, Yakov Shafranovich wrote: ... >> >> or forcefully disclosed via a court order or other legal mechanism. >> The shorter the interval, the less data would be available to the >> potential attacker. There has been media discussion about this with >> the US Government [1] where providers are forced to hand over their >> keys. > > Right, but if the TLAs come calling, and the service provider's > response is to hand over today's RSA private key and then roll a > new keypair then you'll have an unhappy TLA, who'll come right > back calling again. The phone records thing (court order being > renewed every 3 months or whatever it was) also seems to argue > that rolling key pairs isn't going to help really. > One could envision a scenario where a small group of users or a particular user is being targeted by the court order for a limited period of time. Having regular key rotation will not stop the TLAs from reading everyone's email but will limit the damage once the key rotates. Yakov
- [perpass] TLS/SSL Key Rotation Yakov Shafranovich
- Re: [perpass] TLS/SSL Key Rotation Stephen Farrell
- Re: [perpass] TLS/SSL Key Rotation Yakov Shafranovich
- Re: [perpass] TLS/SSL Key Rotation Yoav Nir
- Re: [perpass] TLS/SSL Key Rotation Patrick Pelletier
- Re: [perpass] TLS/SSL Key Rotation Randy Bush