Re: [TLS] draft-green-tls-static-dh-in-tls13-01

Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 07 July 2017 10:27 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E3932129AD3 for <tls@ietfa.amsl.com>; Fri, 7 Jul 2017 03:27:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.301
X-Spam-Level:
X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wJxhwIKjacFC for <tls@ietfa.amsl.com>; Fri, 7 Jul 2017 03:27:54 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B3D7A12ECCE for <tls@ietf.org>; Fri, 7 Jul 2017 03:27:54 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 61705BEB0; Fri, 7 Jul 2017 11:27:51 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8PR0C8Qw_fL3; Fri, 7 Jul 2017 11:27:46 +0100 (IST)
Received: from [10.244.2.100] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 0D199BE8A; Fri, 7 Jul 2017 11:27:46 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1499423266; bh=8i32S0THDv7COYjM6CsUeF8lbLiI++tWdcf4LeKDd9c=; h=Subject:To:References:From:Date:In-Reply-To:From; b=awhQg6/AscJ5xm7UtiNPv80W8zrH95cWzMjgEYqp1Yj191b+ACrDAQgOCRSrDDrjr 7ArSl6MaI/ip4x63Oj2Dz7pNe6cjG7u1MTi0dw972Y6buR4FCTwsAXwNB/cR1XEO9z XLLco23F/WlkfxAXLSO70xo4IaRqlDIk4PVeypxo=
To: Matthew Green <matthewdgreen@gmail.com>, tls@ietf.org
References: <CAPCANN-xgf3auqy+pFfL6VO5GpEsCCHYkROAwiB1u=8a4yj+Fg@mail.gmail.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <36dfe827-be6e-3205-4262-a68be066b61e@cs.tcd.ie>
Date: Fri, 7 Jul 2017 11:27:45 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1
MIME-Version: 1.0
In-Reply-To: <CAPCANN-xgf3auqy+pFfL6VO5GpEsCCHYkROAwiB1u=8a4yj+Fg@mail.gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="nVMjUSx1PmcAlXU1CdtSo7qhO1HdJIU4N"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/0ivDBV4RYN6Iyn1yyfXJdRM3B38>
Subject: Re: [TLS] draft-green-tls-static-dh-in-tls13-01
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Jul 2017 10:27:58 -0000

I don't believe the WG should adopt this as it goes
against rfc2804 and encourages bad behaviour. We
ought not be helping to normalise broken crypto. I'm
happy to repeat that at the mic in Prague but would
be even happier if this draft were not discussed
there - these attempts to weaken security have IMO
already taken up too much time and too many cycles.

S.

On 07/07/17 08:02, Matthew Green wrote:
> The need for enterprise datacenters to access TLS 1.3 plaintext for
> security and operational requirements has been under discussion since
> shortly before the Seoul IETF meeting. This draft provides current thinking
> about the way to facilitate plain text access based on the use of static
> (EC)DH keys on the servers. These keys have a lifetime; they get replaced
> on a regular schedule. A key manager in the datacenter generates and
> distributes these keys.  The Asymmetric Key Package [RFC5958] format is
> used to transfer and load the keys wherever they are authorized for use.
> 
> We have asked for a few minutes to talk about this draft in the TLS WG
> session at the upcoming Prague IETF. Please take a look so we can have a
> productive discussion.  Of course, we're eager to start that discussion on
> the mail list in advance of the meeting.
> 
> The draft can be found here:
> 
> https://tools.ietf.org/html/draft-green-tls-static-dh-in-tls13-01
> 
> Thanks for your attention,
> Matt, Ralph, Paul, Steve, and Russ
> 
> 
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>