IETF Logo Mail Archive

Re: [tcpinc] Eric Rescorla's Discuss on draft-ietf-tcpinc-tcpeno-13: (with DISCUSS and COMMENT)

Eric Rescorla <ekr@rtfm.com> Mon, 13 November 2017 21:32 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tcpinc@ietfa.amsl.com
Delivered-To: tcpinc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 97DF7126D05 for <tcpinc@ietfa.amsl.com>; Mon, 13 Nov 2017 13:32:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t0imxsqnglWm for <tcpinc@ietfa.amsl.com>; Mon, 13 Nov 2017 13:32:03 -0800 (PST)
Received: from mail-yw0-x235.google.com (mail-yw0-x235.google.com [IPv6:2607:f8b0:4002:c05::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B592124319 for <tcpinc@ietf.org>; Mon, 13 Nov 2017 13:32:03 -0800 (PST)
Received: by mail-yw0-x235.google.com with SMTP id k3so14673520ywk.8 for <tcpinc@ietf.org>; Mon, 13 Nov 2017 13:32:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=uodhHskn/w7e/26jRXZ3bSXyy0+JixSo6i2/6Vf5GJQ=; b=howueyT+zGCDklzOCQ/xH2e2mtisDXfO3pYykz1COb7uSkKERC6wTNj8FXHDcEq9cH RjEsjxhVV9RtvmXMuaYUK8io/rG7f/rH+jSnZ1qOS9sYgzntEqT4xURB3OdEiMao42pU Y4bfG1Y2DQZ8+muGivvkwKfw7OVslt3NG+pbc229VXGGV/c7w0JOZP2txomdwII8Mk+/ knl/X/qktOOrhjizAEN1lC0zj1E99MOImE2w8kospjNy9V1ws90OnRSN8gQS+Muwo+fX Lce70DaU8/RlrZvkq51qg3Id7WWWmmJN/Pw1FSdcsNzCR8yeM/J4cvtNF/y6zWN13+UI 3Izw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=uodhHskn/w7e/26jRXZ3bSXyy0+JixSo6i2/6Vf5GJQ=; b=MG8vbwDib99W3mt7Mq/wO033SzyJNQVF4bCPhjDkvemxo610S+Bh7CZlmlsnXm5Q3B v2q9TraPMYbn0gBIOu0s2LjkOHES82zQQGr75XWEtF+WbYW9qspPcMqVxzWgp+D9DWev izDt3QaUHWvd7MILwyJNehLi1YmKKLZAsXAoXK3tHY3Yl7LQwwwOIiA/x095w4YIMdPG r8VY1ruLV9mD3U2QMTLpm2/RktbABARK9hwKZ/ga74bTHgR0GHPYqwbwFtGREu6gCwe9 uW1j0TfxGod/5rEVlLVTtMNvFnmlnQSd6xCq2qN7JAhSRiIRrzsNAYVlW43p9rvohlnS eqwQ==
X-Gm-Message-State: AJaThX6SAxV0zQv4iEU6iK7mPlllZZqxnjNaKbjxUjW4K9Cq7plgNA7M ErY3hcAwOTGNn79mho6qawCnQrKlNoQhdIL6wlNG0g==
X-Google-Smtp-Source: AGs4zMYgWUfPON/tw44YKevaekbjVAKeAgTBiNmcJT6YfSeyqnkLeehf+/zY7yxnwKD5/yISk3U9BFtglyzzbYP8dOw=
X-Received: by 10.129.172.25 with SMTP id k25mr5255933ywh.155.1510608722469; Mon, 13 Nov 2017 13:32:02 -0800 (PST)
MIME-Version: 1.0
Received: by 10.129.61.12 with HTTP; Mon, 13 Nov 2017 13:31:21 -0800 (PST)
In-Reply-To: <87o9o5g9e7.fsf@ta.scs.stanford.edu>
References: <151036581280.449.10740505473540594433.idtracker@ietfa.amsl.com> <CE03DB3D7B45C245BCA0D243277949362FD495EF@MX307CL04.corp.emc.com> <CABcZeBPfk6Pi=_UPvTBaS9jQBYjExUdqkdX5Q--iUuyCv_qZtw@mail.gmail.com> <CAJU8_nWpVhm4oTT+SLyG-nk=ww7nBU-DaVe86rUU-LGGqJvHvQ@mail.gmail.com> <CABcZeBO0TD0KnpTfe6CbHUoiS=FmGiGW6r_mFMH_9bYFWKqKLA@mail.gmail.com> <CABcZeBNp=1c1cx0+nJezjWy_Q4N9-PUeQuqOU_k7A7KhRj18EQ@mail.gmail.com> <CE03DB3D7B45C245BCA0D243277949362FD4BB57@MX307CL04.corp.emc.com> <CABcZeBPL2mVFtsL77Bdr=BUf7cb+qe_+Wxq42AtoohHmSmJaCg@mail.gmail.com> <CE03DB3D7B45C245BCA0D243277949362FD4BDAB@MX307CL04.corp.emc.com> <877euu7hy0.fsf@ta.scs.stanford.edu> <CE03DB3D7B45C245BCA0D243277949362FD4D450@MX307CL04.corp.emc.com> <87vaieow9k.fsf@ta.scs.stanford.edu> <CABcZeBPxOaK3DN5u0ohizt8rAQ+tShMuOcdpJBJ-2fmMJuQWgA@mail.gmail.com> <87o9o5g9e7.fsf@ta.scs.stanford.edu>
From: Eric Rescorla <ekr@rtfm.com>
Date: Mon, 13 Nov 2017 21:31:21 +0000
Message-ID: <CABcZeBNgmkEvuqvjxRLjNLTEksVZk-kTPDSzQK=bHYx5VayU3g@mail.gmail.com>
To: David Mazieres expires 2018-02-11 PST <mazieres-52aiupydaksbwarupqdqnp264w@temporary-address.scs.stanford.edu>
Cc: "Black, David" <David.Black@dell.com>, "tcpinc@ietf.org" <tcpinc@ietf.org>, Kyle Rose <krose@krose.org>, "tcpinc-chairs@ietf.org" <tcpinc-chairs@ietf.org>, "Mirja Kuehlewind (IETF)" <ietf@kuehlewind.net>, The IESG <iesg@ietf.org>, "draft-ietf-tcpinc-tcpeno@ietf.org" <draft-ietf-tcpinc-tcpeno@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c1badfc4c41bf055de400a1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpinc/-h7-MP1ge3RDgYwCvo4nrORqQ5A>
Subject: Re: [tcpinc] Eric Rescorla's Discuss on draft-ietf-tcpinc-tcpeno-13: (with DISCUSS and COMMENT)
X-BeenThere: tcpinc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Working group mailing list for TCP Increased Security \(tcpinc\)" <tcpinc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpinc/>
List-Post: <mailto:tcpinc@ietf.org>
List-Help: <mailto:tcpinc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Nov 2017 21:32:06 -0000

On Mon, Nov 13, 2017 at 9:24 PM, David Mazieres <
dm-list-tcpcrypt@scs.stanford.edu> wrote:

> Eric Rescorla <ekr@rtfm.com> writes:
>
> > To be honest, I think this document is working too hard in both cases to
> > try to legislate that people don't do things that we think are bad. The
> > bottom
> > line is that in both cases the boundaries around what we think is OK and
> > what we think is not are kind of fuzzy (as you illustrate above with
> > Curve25519). Rather than try to write RFC 2919 language about this,
> > it would be better to simply describe the consequences of bad choices,
> > and say that the function must be collision resistant, and stop.
>
> I don't understand the RFC2919 reference.  Did you mean a different RFC,
> or is there some IETF lore about this being an overly-specified RFC?
>

Sorry RFC 2119.



> The thing is, there is definitely historical precedent for intentionally
> choosing weak crypto algorithms.


Yes, I really am aware of this.


  And while I hope the truly bad old
> days are behind us, I still think it's important that we abstract some
> base level of security out of TCP-ENO so that most applications don't
> need to whitelist TEP identifiers.
>

I think you're really overestimating the amount of influence IETF has here.
What we can do is stop IANA from registering code points, but nothing stops
people from just grabbing one for a noncompliant TEP. I'm fine with having
text in the RFC that says "this needs to be a strong function and that's
why",
but it's not like we can take people to court to make them stop doing that,
so having extremely precise and strong language here doesn't actually
help that much.

-Ekr

v2.23.0 | Report a Bug | By Email