Re: Request for Authenticated but not Encrypted Traffic

Dirkjan Ochtman <dirkjan@ochtman.nl> Mon, 03 October 2022 09:31 UTC

To: "Randy Armstrong (OPC)" <randy.armstrong@opcfoundation.org>
Cc: "quic@ietf.org" <quic@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/bfhS2AFwqCauaV7xpLdI7OWUAoI>
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>

On Thu, Sep 29, 2022 at 2:32 PM Randy Armstrong (OPC)
<randy.armstrong@opcfoundation.org> wrote:
> For this reason, an authentication only option is essential to making QUIC a viable choice for communication within factories.

I don't know if this is something that fits your use cases, but some
QUIC implementations provide pluggable authentication/encryption, so
that you could conceivably build (with relatively little effort) a
custom QUIC-like protocol that doesn't use encryption.

One such implementation is Quinn (full disclosure, I'm one of Quinn's
maintainers):

https://github.com/quinn-rs/quinn

I am aware of at least one other company that inquired about a use
case involving Quinn with a custom `CryptoSession` implementation that
would forgo encryption for their internal proxy network.

Kind regards,

Dirkjan