Re: Request for Authenticated but not Encrypted Traffic
Phillip Hallam-Baker <phill@hallambaker.com> Fri, 30 September 2022 15:30 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 106F8C14CE27 for <quic@ietfa.amsl.com>; Fri, 30 Sep 2022 08:30:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.411
X-Spam-Level:
X-Spam-Status: No, score=-6.411 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.248, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YVg0kHqWRsCz for <quic@ietfa.amsl.com>; Fri, 30 Sep 2022 08:30:35 -0700 (PDT)
Received: from mail-oi1-f180.google.com (mail-oi1-f180.google.com [209.85.167.180]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 60C68C14CF16 for <quic@ietf.org>; Fri, 30 Sep 2022 08:30:35 -0700 (PDT)
Received: by mail-oi1-f180.google.com with SMTP id s125so5100960oie.4 for <quic@ietf.org>; Fri, 30 Sep 2022 08:30:35 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date; bh=2dsbZm4jHvzqu+/zIFNYn5AmPzusvlY/Lu0hbFx3xlU=; b=JOjvzHIX4GAmrqn7z5QQOZbpmlv93Xwe2tlLJBUPpxby/RGh5MHLXHlRuLyr5WhMgm adAQp4uFolpooa/POH6HpnaUAVrs3klYleO868LlZC1JloL1mtQuj5fRMZSHnWqEkDo8 i/cTsT19cFmlmKfNgcRSfZt/9pq84auEHRb/6+/T8MUZWeXdi9J1SKw6dYRNDwJkfiy2 ZEJ4itlOwDQG8CytnQOMGdwMN83gEJSsK5cDdH5YprM48VFVOxES/GBiFM0DGObb08aG TQ7fQZiNGY++zoVVWuIVSUfm+DBi4pSavDniUx0pScZk3szpm1LO3YBKyqJJlsOULqEQ +MLA==
X-Gm-Message-State: ACrzQf33sLFt45h6GAOeUgCeEsN229a7omnjTWx20GO2iXXkYBvIuFfp aXmAKH5EU/nbgKNnocCoBe44Lr6n34cCwa1eKjVZmzXj
X-Google-Smtp-Source: AMsMyM5cc7GaufrOcXDYX8/QSX6cmkjz9NO8cE8QQzEQBT7yyCOxME5GTHQSvenZtLZQBKzxCX8MkhLxMj0AoL72A7c=
X-Received: by 2002:a05:6808:1a87:b0:34f:67aa:5089 with SMTP id bm7-20020a0568081a8700b0034f67aa5089mr9557151oib.108.1664551834450; Fri, 30 Sep 2022 08:30:34 -0700 (PDT)
MIME-Version: 1.0
References: <SJ0PR08MB82889F488CCA7D8FC4997ACEFA579@SJ0PR08MB8288.namprd08.prod.outlook.com> <CAMm+Lwh1DWyVNL7M6q0gAS77HyN5KXRa3cNn732ivbAMGSFVDg@mail.gmail.com> <SJ0PR08MB82888EE2140D219EF758CF76FA569@SJ0PR08MB8288.namprd08.prod.outlook.com> <da161bf2-2eea-77b9-c96f-e391fe867c3b@lear.ch> <SJ0PR08MB8288B7C5823FC9069D83A23AFA569@SJ0PR08MB8288.namprd08.prod.outlook.com>
In-Reply-To: <SJ0PR08MB8288B7C5823FC9069D83A23AFA569@SJ0PR08MB8288.namprd08.prod.outlook.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Fri, 30 Sep 2022 11:30:22 -0400
Message-ID: <CAMm+LwjLSYj-q4FOVXv43eBE7mhMPnr5buNsLrDhk-F2L=ufZA@mail.gmail.com>
Subject: Re: Request for Authenticated but not Encrypted Traffic
To: "Randy Armstrong (OPC)" <randy.armstrong@opcfoundation.org>
Cc: Eliot Lear <lear@lear.ch>, "quic@ietf.org" <quic@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000cd831405e9e6ac89"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/2PmZhwMHodpcZ318iFcSwmqTsKE>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Sep 2022 15:30:36 -0000
I don't think it is helpful to use pejorative language in technical discussions. A backdoor is by definition secret to the party being observed. We went through this whole mess with key escrow which people treated as the spawn of Satan and as a result, we have no viable standard for securing data at rest because if you are going to encrypt valuable data, being absolutely sure you can decrypt it if required is actually a much bigger concern than disclosure. I did develop a mechanism that allows for verifiable selective access which Comodo may or may not be applying for a patent on. Dan Harkins also has work in that area. The reason that I didn't raise them earlier is that my latest work on RUD which is designed to go beyond TLS security provides an effective means of bypassing any controls of that type so the patent claims are probably moot. RUD is designed to defeat traffic analysis and censorship so the entire packet payload is encrypted, including the stream and flow data. A connection can also be established with a reserved prefix to support steganography and address extension. So a connection can say 'start the RUD payload at byte 32' and those bytes can then be used to add a phony QUIC header to bypass IRG/FSB/etc packet inspection. Alternatively, it could be a fixed prefix negotiated with a carrier grade NAT system to effectively extend the IPv4 address space without going to IPv6. RUD does not have to be a standard to provide a means of rendering verifiable observability moot, it just needs to have one implementation. On Fri, Sep 30, 2022 at 4:38 AM Randy Armstrong (OPC) < randy.armstrong@opcfoundation.org> wrote: > > - I think the key point here is that sometimes observability is a > feature and not a bug. This is particularly important in > industrial/critical infrastructure. That observability can be achieved in > many ways. One question is whether the observability itself should itself > be authorized. > > Putting backdoors into protocols is not equivalent to letting applications > decide to skip encryption. > > A backdoor is like giving law enforcement codes to break into a cellphone > and hoping that they will never abuse the power or the codes will never > fall into the hands of criminals. Letting applications decide is equivalent > to an owner of a cellphone choosing not to lock their screen because they > decide there is nothing that needs protecting. > > IOW, the fact that some users might be willing to live with the risk of a > compromised system by allowing for backdoors is not a reason to refuse to > allow other users to make a decision send data in clear text when and only > when they decide it is safe. >
- Request for Authenticated but not Encrypted Traff… Randy Armstrong (OPC)
- Re: Request for Authenticated but not Encrypted T… Paul Vixie
- RE: Request for Authenticated but not Encrypted T… Randy Armstrong (OPC)
- Re: Request for Authenticated but not Encrypted T… Roberto Peon
- RE: Request for Authenticated but not Encrypted T… Randy Armstrong (OPC)
- Re: Request for Authenticated but not Encrypted T… Salz, Rich
- Re: Request for Authenticated but not Encrypted T… Paul Vixie
- Re: Request for Authenticated but not Encrypted T… Phillip Hallam-Baker
- Re: Request for Authenticated but not Encrypted T… Martin Thomson
- RE: Request for Authenticated but not Encrypted T… Randy Armstrong (OPC)
- Re: Request for Authenticated but not Encrypted T… Eliot Lear
- Re: Request for Authenticated but not Encrypted T… Paul Vixie
- Re: Request for Authenticated but not Encrypted T… Carsten Bormann
- Re: Request for Authenticated but not Encrypted T… Paul Vixie
- Re: Request for Authenticated but not Encrypted T… Carsten Bormann
- RE: Request for Authenticated but not Encrypted T… Randy Armstrong (OPC)
- Re: Request for Authenticated but not Encrypted T… Eliot Lear
- Re: Request for Authenticated but not Encrypted T… Lucas Pardue
- RE: Request for Authenticated but not Encrypted T… Randy Armstrong (OPC)
- Re: Request for Authenticated but not Encrypted T… Eliot Lear
- RE: Request for Authenticated but not Encrypted T… Randy Armstrong (OPC)
- Re: Request for Authenticated but not Encrypted T… Lars Eggert
- RE: Request for Authenticated but not Encrypted T… Randy Armstrong (OPC)
- Re: Request for Authenticated but not Encrypted T… Behcet Sarikaya
- Re: Request for Authenticated but not Encrypted T… Phillip Hallam-Baker
- Re: Request for Authenticated but not Encrypted T… Phillip Hallam-Baker
- RE: Request for Authenticated but not Encrypted T… Randy Armstrong (OPC)
- Re: Request for Authenticated but not Encrypted T… Matt Joras
- Re: Request for Authenticated but not Encrypted T… Paul Vixie
- Re: Request for Authenticated but not Encrypted T… Dave Taht
- Re: Request for Authenticated but not Encrypted T… Lucas Pardue
- Re: Request for Authenticated but not Encrypted T… Phillip Hallam-Baker
- Re: Request for Authenticated but not Encrypted T… Christian Huitema
- Re: Request for Authenticated but not Encrypted T… Phillip Hallam-Baker
- RE: Request for Authenticated but not Encrypted T… Randy Armstrong (OPC)
- Re: Request for Authenticated but not Encrypted T… Christian Huitema
- Re: Request for Authenticated but not Encrypted T… Christian Huitema
- Re: Request for Authenticated but not Encrypted T… Phillip Hallam-Baker
- RE: Request for Authenticated but not Encrypted T… Randy Armstrong (OPC)
- Re: Request for Authenticated but not Encrypted T… Willy Tarreau
- Re: Request for Authenticated but not Encrypted T… Paul Vixie
- Re: Request for Authenticated but not Encrypted T… Lucas Pardue
- Re: Request for Authenticated but not Encrypted T… Phillip Hallam-Baker
- RE: Request for Authenticated but not Encrypted T… Antoine FRESSANCOURT
- Re: Request for Authenticated but not Encrypted T… Dirkjan Ochtman
- Re: Request for Authenticated but not Encrypted T… Behcet Sarikaya
- Re: Request for Authenticated but not Encrypted T… Lucas Pardue
- Re: Request for Authenticated but not Encrypted T… Phillip Hallam-Baker
- Re: Request for Authenticated but not Encrypted T… Lucas Pardue
- Re: Request for Authenticated but not Encrypted T… Martin Duke
- Re: Request for Authenticated but not Encrypted T… Michael Tuexen
- Re: Request for Authenticated but not Encrypted T… Roberto Peon
- Re: Request for Authenticated but not Encrypted T… Behcet Sarikaya
- Re: Request for Authenticated but not Encrypted T… Lucas Pardue
- Re: Request for Authenticated but not Encrypted T… Eliot Lear
- Re: Request for Authenticated but not Encrypted T… Phillip Hallam-Baker