Re: [perpass] TLS discussion

Phillip Hallam-Baker <hallam@gmail.com> Mon, 18 November 2013 12:51 UTC

On Mon, Nov 18, 2013 at 6:46 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:

>
>
> On 11/18/2013 09:13 AM, Learmonth, Iain Ross wrote:
> >
> >> Other foo/tls protocols will also soon have a separate venue [3]
> >> and we have a TLS working group. So I see little left to discuss
> >> about TLS on this list to be honest.
> >
> >> [3] https://datatracker.ietf.org/doc/charter-ietf-uta/
> >
> > I agree that the HTTP/TLS discussion should be moved to the uta (Using
> > TLS in Applications) mailing list, when one exists, with regard to
> > authentication. It protects far more against active attacks and this list
> > is about preventing passive mass monitoring being useful.
> >
> > I think that the discussion relating to the use of TLS for encryption,
> > its effect on proxies and CDNs, and the fact that CDNs are a privacy issue
> > still need discussion here and are relevant to this list.
>
> Well, please bear in mind that httpbis are having a HUGE discussion
> (~100 mails/day) on exactly this for HTTP/2.0 which is raging now,
> so let's at least punt the discussion here for a few weeks until
> the immediate work in httpbis settles down. Or dive in there [1],
> seems like everyone else is doing that already;-)
>


It's a lot more than 100 a day. There are close to 100 in a thread you
started last night. And that is the weekend.

All the chatter about confidentiality and nobody is interested in fixing
the massive hole in the use of cookies for authentication. And they can't
even see the connection between the two.

-- 
Website: http://hallambaker.com/