Re: [TLS] draft-green-tls-static-dh-in-tls13-01

"Dobbins, Roland" <rdobbins@arbor.net> Mon, 17 July 2017 12:21 UTC

To: "Salz, Rich" <rsalz@akamai.com>
CC: "tls@ietf.org" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/0oxapl2R19w7UlkYpaVtNrR7-Aw>


On Jul 17, 2017, at 13:48, Salz, Rich <rsalz@akamai.com> wrote:

> Sometimes it is.

Not at scale, in the vast majority of cases - as I'm sure you're aware, hence the 'sometimes'. Corner-cases are just that.

> Can we stop making definitive declarations like this?

About factual matters, no, 'we' can't. I'm tired of seeing established objective facts about how & why intranet network operators need visibility into cryptostreams on their own networks being treated as theoretical & subjective.

> There are more things in the world, Horatio, than are dreamt of in your philosophy.

Likewise.


-----------------------------------
Roland Dobbins <rdobbins@arbor.net>