IETF Logo Mail Archive

Re: [Tcpcrypt] New version of the charter text

marcelo bagnulo braun <marcelo@it.uc3m.es> Mon, 28 April 2014 12:17 UTC

Return-Path: <marcelo@it.uc3m.es>
X-Original-To: tcpcrypt@ietfa.amsl.com
Delivered-To: tcpcrypt@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F5DF1A073E for <tcpcrypt@ietfa.amsl.com>; Mon, 28 Apr 2014 05:17:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.852
X-Spam-Level:
X-Spam-Status: No, score=-104.852 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TlFASxTpHGGy for <tcpcrypt@ietfa.amsl.com>; Mon, 28 Apr 2014 05:16:57 -0700 (PDT)
Received: from smtp01.uc3m.es (smtp01.uc3m.es [163.117.176.131]) by ietfa.amsl.com (Postfix) with ESMTP id EB7FD1A070F for <tcpcrypt@ietf.org>; Mon, 28 Apr 2014 05:16:56 -0700 (PDT)
Received: from smtp01.uc3m.es (localhost [127.0.0.1]) by localhost.uc3m.es (Postfix) with ESMTP id 3D05DCC808E for <tcpcrypt@ietf.org>; Mon, 28 Apr 2014 14:16:55 +0200 (CEST)
X-uc3m-safe: yes
X-uc3m-safe: yes
Received: from [163.117.85.124] (unknown [163.117.85.124]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: marcelo@smtp01.uc3m.es) by smtp01.uc3m.es (Postfix) with ESMTPSA id 2E666B47E1D for <tcpcrypt@ietf.org>; Mon, 28 Apr 2014 14:16:55 +0200 (CEST)
Message-ID: <535E46B6.60508@it.uc3m.es>
Date: Mon, 28 Apr 2014 14:16:54 +0200
From: marcelo bagnulo braun <marcelo@it.uc3m.es>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
To: tcpcrypt@ietf.org
References: <53576572.5030805@it.uc3m.es> <535D636D.8050108@iang.org> <535D6BF2.6040304@it.uc3m.es> <535D76BC.4060007@cs.tcd.ie> <535DE7C6.80902@it.uc3m.es> <535E308D.2090609@iang.org>
In-Reply-To: <535E308D.2090609@iang.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 8bit
X-TM-AS-Product-Ver: IMSS-7.1.0.1224-7.5.0.1017-20660.007
Archived-At: http://mailarchive.ietf.org/arch/msg/tcpcrypt/a_sLkL8ms1UYYygVwzFvilZu1U0
Subject: Re: [Tcpcrypt] New version of the charter text
X-BeenThere: tcpcrypt@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussion list for adding encryption to TCP." <tcpcrypt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpcrypt>, <mailto:tcpcrypt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpcrypt/>
List-Post: <mailto:tcpcrypt@ietf.org>
List-Help: <mailto:tcpcrypt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpcrypt>, <mailto:tcpcrypt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Apr 2014 12:17:00 -0000

ok, given that we are talking about the same thing, i guess it is clear 
that there is no clear consensus to keep this in, so i will remove it 
from the charter and leave it for WG discussion


El 28/04/14 12:42, ianG escribió:
> On 28/04/2014 06:31 am, marcelo bagnulo braun wrote:
>> El 27/04/14 23:29, Stephen Farrell escribió:
>>> Hi Marcelo,
>>>
>>> On 27/04/14 21:43, marcelo bagnulo braun wrote:
>>>> - Hooks for allowing upper layers to disable encryption must be made
>>>> available.
>>>>      The protocol may try to avoid redundant encryption when it is
>>>> possible
>>>> e.g.
>>>>      by detecting encryption performed by upper layers (notably, when TLS
>>>> is used).
>>> Based on all the discussion on this so far, I'd also suggest
>>> deleting this bit. I agree with Ian that the reasons for
>>> including this stated so far are arm-wavy. And "detecting"
>>> that higher layers are encrypting vs. compressing seems unlikely
>>> in the general case too. If something is using TLS then the
>>> TLS code (which normally calls the socket API I think) can
>>> presumably determine if TCP Inc. would be on by default and
>>> do the right thing so there's no need for TCP Inc. to do
>>> anything for that case even if someone concludes that double
>>> wrapping isn't what they want.
>>>
>>> So count me as another -1 on inclusion of the above.
>> mmm, I guess i misread the previous discussion or i didnt managed to
>> explain what i had in mind.
>>
>> Let me try to explain myself (not trying to push for this, just want to
>> clarify).
>>
>> What i had in mind was _not_ about allowing the upper layer to disable
>> the encryption in the middle of a connection.
> Well, yes, I don't think anyone had that in mind.
>
>> What i had in mind was to allow the upper layer to say: "please for this
>> connection, dont use TCP-INC, just use plain old TCP".
> This is understood.  I believe this will exist in implementations,
> regardless, for development purposes.  I also believe the smart
> implementors will realise they don't need it, and nor do their users,
> and that they will solve some problems by getting rid of it (which
> realisation will also infect thinking about ciphersuites).
>
>> This is because
>> the upperlayer may knwo better, for instance, it is building its onw
>> security.
>
> If the upper layer truly knew better, it wouldn't be using TCP.
>
> Or, you might be saying, the upper layer is TLS.  In which case the
> developers are going to be really annoyed by the dual layers basically
> duplicating the same thing (if tcp-crypt is any guide) and is thus shear
> waste.  But the users won't know any different?
>
> And why can't the developers spend that time turning it off (with
> uncertain knowledge of whether the implementation is even there) by
> instead working with the TCP-crypt layer instead of against it?
>
>
>> If we dont provide this hook, then it is always encrypted if both ends
>> support and there is nothing the upper layer can do in order to avoid it.
>
> Yes.  But what is the problem with that?
>
> Obviously performance spring to mind, but many claim that is no longer
> an issue.  Without getting dragged into mindless academic foodfights
> about citations, the point is here that performance isn't the reason it
> was in 1994, when they broke HTTPS and put half the website in the
> clear.  I can't recall the last time I had to tweak SSH to use a faster
> cipher for huge backups, it was probably late 1990s.
>
> Latency could be an issue with say TLS over TCP-crypt over TCP-startup.
>
> Secondly, you bring up dual security.  Now, the nature of security is
> that a security layer cannot interfere with the data being transported,
> and indeed that's reflected in the charter.  So it is not as if there
> are going to be artifacts of interference in a proper implementation.
>
> Finally, it might be worth noting that it is a general NSA
> recommendation that systems should be dual-encrypted where the systems
> are sufficiently independent of each other.  e.g., IPSec at the
> point-to-point and PGP or SSH above that.  FWIW.
>
> Point being, there is no clear MUST nor SHOULD here, this again is a
> property that can and will emerge from the experimentation.
>
>
>> Please also note that this does not allow for the peer to downgrade the
>> connection or terminate encryption, as this has no impact in the wire,
>> it is only at the begining of the connection.
>>
>> Does this clarify things? What do you think?
>>
>> That being said, I am perfectly fine with removing it from the charter.
>
> That's what is being asked.
>
>
>
> iang
>
> _______________________________________________
> Tcpcrypt mailing list
> Tcpcrypt@ietf.org
> https://www.ietf.org/mailman/listinfo/tcpcrypt
>

v2.23.0 | Report a Bug | By Email