Re: [Secdispatch] Requesting agenda time for draft-krose-multicast-security
Lucas Pardue <lucaspardue.24.7@gmail.com> Fri, 29 October 2021 20:42 UTC
Return-Path: <lucaspardue.24.7@gmail.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 38C9C3A1729 for <secdispatch@ietfa.amsl.com>; Fri, 29 Oct 2021 13:42:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.847
X-Spam-Level:
X-Spam-Status: No, score=-1.847 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kPHwzTyRyRUP for <secdispatch@ietfa.amsl.com>; Fri, 29 Oct 2021 13:42:34 -0700 (PDT)
Received: from mail-ed1-x52e.google.com (mail-ed1-x52e.google.com [IPv6:2a00:1450:4864:20::52e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A45743A16D8 for <secdispatch@ietf.org>; Fri, 29 Oct 2021 13:42:33 -0700 (PDT)
Received: by mail-ed1-x52e.google.com with SMTP id ee16so29562038edb.10 for <secdispatch@ietf.org>; Fri, 29 Oct 2021 13:42:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=9gfUT1Uj6mxBWE2OhPO3/oYRmSosaZ7lHmC9vbrbYdY=; b=aOzI0E4mHwngZH63e4Pg8e/+SWYvKtV/6VyVgMAjbodUfhqUAbONjlQwlX/n5eDY6K z4bVdEo4tnKy8GMT59AwgLBvO5VpfI2L1MTKtRVZh5O5XOYuKz3qjpSAkgbCbusrxBdf kPbm8b/rYE3arBT10jUxOWzSJWy22fCwVQQbIvVVamNAtKlIbkfQt5N61escvOukM4iU H5M+3EntG6fMyOW9pGfcHr30SEThB41TwiXX/JlX8a9f4GNg83CS9P3E0WJMFznO9tJf cTywg0R4qpDCLjvvnjbLc/Nv6C5uZ6wQVGmlKQVI7jQDXGKCuvq1ww/MIAKSTQFnkWqs d4dg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=9gfUT1Uj6mxBWE2OhPO3/oYRmSosaZ7lHmC9vbrbYdY=; b=KrMn93azwtkP2/CDwqwu2fEAdWZ6ntdSBA7RfjEkzXA68GIqC23QnbsI2uIS12sTU1 UGtRsffAfrB80mmwikKBTutSyV4DyoHFQqE53RpP1iYzg8fwEzcpRSLnm9E+xVNU/sQ2 PUZzBPMbcLmzEBs0cw/SUNAlgcAyrsmCIRTzx1egtIJuGVBSr+WgQqGTaIZbseOM+YzV U09W+v70Vmx2lmZanedhc1zy69lG7DlwwyY5B7/LT4X4PpeCjVlKx4xTAstA+BTWg1MI Z8vGnVIOsOs2s+ZJjmImD85NBZIai/Rc3PM3sUh96iOTyKu62BKdvwtrTjcJSxfYkFA0 yiRw==
X-Gm-Message-State: AOAM5301cBQuXpaFQjqpGEIZMECuY8sfYxBhxWSbOQeepJKn80qpsSwS xfxNepDw2uwwNrlYJhXOFsb3AFcFr99T5uCDufoCkfgYkFo=
X-Google-Smtp-Source: ABdhPJysZXa3vHoO2MjbAXLDl3GnhGplsjzU1w+cY8Df4OFwePHIZs9Lykf1JRMo3huhMSZYrrPAG2Ew52Buyzg/3pY=
X-Received: by 2002:a17:906:fc0a:: with SMTP id ov10mr422735ejb.94.1635540150784; Fri, 29 Oct 2021 13:42:30 -0700 (PDT)
MIME-Version: 1.0
References: <898062F9-1B8F-46D7-96AE-1C7769F162A9@akamai.com> <CABcZeBPnS=1ayyt9Y4t+U3pSuSFtC-nszZK9c+FWdaimqJ6pMg@mail.gmail.com> <A45E88EC-CC61-4C55-92D8-87D26D09E1C5@akamai.com> <CABcZeBM9yWDKLkSO9M87836qsxpsqeSiUNLZ-h7uugZ46oZrYg@mail.gmail.com> <9BA8CB7F-E2EB-4888-8DE9-0D784E7EBB7C@akamai.com>
In-Reply-To: <9BA8CB7F-E2EB-4888-8DE9-0D784E7EBB7C@akamai.com>
From: Lucas Pardue <lucaspardue.24.7@gmail.com>
Date: Fri, 29 Oct 2021 21:42:19 +0100
Message-ID: <CALGR9oZ+UO3qr6_UsXwpg7w1rV_fkQk2Nvm1jgYbcV_fE1LfOA@mail.gmail.com>
To: "Holland, Jake" <jholland=40akamai.com@dmarc.ietf.org>
Cc: Eric Rescorla <ekr@rtfm.com>, "secdispatch@ietf.org" <secdispatch@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000b415d405cf83dd80"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/mhk_MSg3NHLtywAbVGiG3yKvA-4>
Subject: Re: [Secdispatch] Requesting agenda time for draft-krose-multicast-security
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Oct 2021 20:42:40 -0000
Hello, This is a very good discussion and I can't possibly hope to address the fine points that have been made by the different sides. What I will add as a point of reference is that a while ago when penning draft-pardue-quic-http-mcast, me, co-authors and associates tried hard to think about and capture the security and privacy aspects of using multicast for delivery of HTTP [1]. In the meantime, Jake, Kyle and co. have continued to work on addressing some of the questions; AMBI for integrity at the packets-level for example. The interesting higher-level question I'm getting from this discussion (and the ones in other venues) is whether there is any form of "secure multicast" can address the sorts of confidentiality/privacy questions that EKR raises. Work on secure multicast is not brand new, there was the MSEC WG [2] who produced 18 documents on the topic. However, the design choices for draft-pardue-quic-http-mcast imagined a world where there is not IP-layer security, and so security needed to be provided by either the transport or the application. As noted in the document, the ability for someone with the key to produce QUIC packets weakens those assurances, so additional asymmetric protections are added at the HTTP layer (digests and signatures). I'm not suggesting it solved all the problems, but it was demonstrably more secure that other multicast-based delivery methods that I am aware of. As Jake indicated, and as I can't speak for because I'm no longer close to the domain, multicast is widely used in several domains where real people at home consume it. That's typically done as part of a service that they pay for and they are likely to have no idea that the provider is doing this. If there's a problem with privacy of multicast-delivered services, we are in the thick of it. This bears some striking resemblence to DNS of yonder, where there was no notion in the general populace of more secure DNS or DNS provider agility. It would be nice to create a world where over-the-top IP multicast services are just as widespread as unicast ones (where networks allow that to be feasible) and answering the security/privacy question is important to getting there. Cheers, Lucas [1] - https://datatracker.ietf.org/doc/html/draft-pardue-quic-http-mcast-09#section-11 [2] - https://datatracker.ietf.org/wg/msec/about/
- [Secdispatch] Requesting agenda time for draft-kr… Holland, Jake
- Re: [Secdispatch] Requesting agenda time for draf… Eric Rescorla
- Re: [Secdispatch] Requesting agenda time for draf… Holland, Jake
- Re: [Secdispatch] Requesting agenda time for draf… Eric Rescorla
- Re: [Secdispatch] Requesting agenda time for draf… Holland, Jake
- Re: [Secdispatch] Requesting agenda time for draf… Lucas Pardue
- Re: [Secdispatch] Requesting agenda time for draf… Eric Rescorla
- Re: [Secdispatch] Requesting agenda time for draf… Morten V. Pedersen
- Re: [Secdispatch] Requesting agenda time for draf… Olopade, Olorunloba
- Re: [Secdispatch] Requesting agenda time for draf… Holland, Jake