Re: [TLS] The future devices that will break TLS 1.4
Yuhong Bao <yuhongbao_386@hotmail.com> Sat, 13 January 2018 00:34 UTC
Return-Path: <yuhongbao_386@hotmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CC6F1242F5 for <tls@ietfa.amsl.com>; Fri, 12 Jan 2018 16:34:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.875
X-Spam-Level:
X-Spam-Status: No, score=-0.875 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FORGED_HOTMAIL_RCVD2=0.874, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hotmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5W7kwnuVvIJO for <tls@ietfa.amsl.com>; Fri, 12 Jan 2018 16:34:36 -0800 (PST)
Received: from NAM04-CO1-obe.outbound.protection.outlook.com (mail-oln040092010090.outbound.protection.outlook.com [40.92.10.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7BAF81241FC for <tls@ietf.org>; Fri, 12 Jan 2018 16:34:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=PD+dNCdlFlEsAd0pciet/6Il3HAsSv5PNS291JVXqvQ=; b=WFvVcvfbYZe83zPKp+49E/X8ngBf9st0qaElVVM7XA50boCMIUdAge4XO3rU8DOlWjxkPaL6Dhq9WA4fhfqud+exTgB5MlOyPWRUOEEHHc0+Mp+R4qE37f5+AePi1YiQQkWePJqS34QtifeyNjaOKaq/IH5JyE1BTNGl9r6TDI6vF5JFmhjv5OGDmEP4fDDRC7qHIR45uikz771tB8LC6AmzoqNHmwfIb0jRNYceAPQY+woHXYlR1xFwKHvd/V18RhOKTu8wBOurvE37X1AhFTZk9KaR/JC7zlinJgUaiHkXHPJ5SmA4YhfUf4l0Pzepohly/FOjQdUd7ijXIq5uaA==
Received: from CO1NAM04FT055.eop-NAM04.prod.protection.outlook.com (10.152.90.51) by CO1NAM04HT117.eop-NAM04.prod.protection.outlook.com (10.152.91.9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.20.345.12; Sat, 13 Jan 2018 00:34:35 +0000
Received: from MWHPR1801MB2061.namprd18.prod.outlook.com (10.152.90.51) by CO1NAM04FT055.mail.protection.outlook.com (10.152.91.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.20.345.12 via Frontend Transport; Sat, 13 Jan 2018 00:34:35 +0000
Received: from MWHPR1801MB2061.namprd18.prod.outlook.com ([10.164.205.38]) by MWHPR1801MB2061.namprd18.prod.outlook.com ([10.164.205.38]) with mapi id 15.20.0386.009; Sat, 13 Jan 2018 00:34:35 +0000
From: Yuhong Bao <yuhongbao_386@hotmail.com>
To: Hanno Böck <hanno@hboeck.de>, Dan Wing <danwing@gmail.com>
CC: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] The future devices that will break TLS 1.4
Thread-Index: AQHTi/lrAD74E5jR80q8p2qaPVAj8aNw6QeAgAAFE4CAAAZ3eQ==
Date: Sat, 13 Jan 2018 00:34:35 +0000
Message-ID: <MWHPR1801MB2061DD6DB53FBC1E9FD791CCC3140@MWHPR1801MB2061.namprd18.prod.outlook.com>
References: <20180113000206.6bc36af6@pc1> <57CA48F7-CC49-42A3-AF9B-BCB4778264B2@gmail.com>, <20180113011115.765a3fc9@pc1>
In-Reply-To: <20180113011115.765a3fc9@pc1>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-incomingtopheadermarker: OriginalChecksum:F78C73FFFB9593A4F74B63E3F904EC9628505EB8033E13CFD8C3DD091AE3808F; UpperCasedChecksum:A3E902D75B9CAA1E67229171C28119E7B9650E2F5EF71B86D93ED6E5B2A18944; SizeAsReceived:7258; Count:47
x-ms-exchange-messagesentrepresentingtype: 1
x-tmn: [DZiL7KlMVEFf3eF/x/+mtiaclGK1k9aT4Tm67A0TjOH/4ItXWSCq0+CgQYg6xKb9]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; CO1NAM04HT117; 6:M+xcBhHGE3ZStZjbHAD/NDnNvDpnu9toU3VqB5GN7Z75lybVR2yQYnfhhg3BBu9+9AX6Fi3MoInyOg8VusJHN/bn6O7johcx1BU40N/t4RusDf2MvL5qBf8jKMWxBvvYhOWs8gU1aeoCyVZ6wBdGXLgYYaeLhA6ULPjSw+2KX+IqFjt2oMa0x5jv3eGYynfpU81kmsdVY3/qPBTlMzpVpwyuvzBZczjDuR/ItEjmlgQvyDZspnOJ/AF9Rd2JKgpjJ0ydokxaDUhQha9tk/dDmJYq0r/VcHw+rFbg34Vxa/9Qrr5vo+5Nr2JzPPYGksix6hp7GM2rPHDaMN82PWE1MrYsM7VHa3vuqacCH2xwvks=; 5:I9rbdwnX2H9Cp1598Ol+RefE+9G0b5xhM60gx41WZrYiZyEYrk7SKc5gd3kv9PwHDaoecmL3tRDzx4+fA9VEAmmmOJNuBI4HRZe6Fs6AHu2Z4/1n9bzFCd13ujU25zizvuXO5Q4ThmNM6Jg9HYUsI/RJOnmS1hAnjX3Us0OmlOQ=; 24:3sfjkWSw3CAccIKBtytxPxo2Ub6hHXO9zuAjM+wxdikKVwjxwbxgKMIcunLXNExWiOwYdgoG3fayrkI/tOfMKzquvJ4pgJV0wCTRyXddNsg=; 7:Dxe2e3K/wqBvQHc36QCOMau2BDBk+XyDA35uEJ3ZVbI6JwdPfc68KVDTsL+4GmyFftXtf0mO6nKkdszjBSz9OvEJUj3S93rjcz3V5Qfd1gOy1FQelvId38VNVJmJUQDma1hptJ/mUqRXaFwYLogrudsH1omNaOA+284N6kW7KCmT3yM4EIOPdL/axnlteETjmBC7YJZU+v1BXS6F58F+gLu7ZafB8iI6sXsvJ7km36Ebe1ffkLvKqV4HTfjAITPI
x-incomingheadercount: 47
x-eopattributedmessage: 0
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020089)(201702061074)(5061506573)(5061507331)(1603103135)(2017031320274)(2017031324274)(2017031323274)(2017031322404)(1603101448)(1601125374)(1701031045); SRVR:CO1NAM04HT117;
x-ms-traffictypediagnostic: CO1NAM04HT117:
x-ms-office365-filtering-correlation-id: 34291f88-90f4-4a76-9ff0-08d55a1d6bf4
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(444000031); SRVR:CO1NAM04HT117; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:CO1NAM04HT117;
x-forefront-prvs: 05514B7026
x-forefront-antispam-report: SFV:NSPM; SFS:(7070007)(98901004); DIR:OUT; SFP:1901; SCL:1; SRVR:CO1NAM04HT117; H:MWHPR1801MB2061.namprd18.prod.outlook.com; FPR:; SPF:None; LANG:;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: hotmail.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 34291f88-90f4-4a76-9ff0-08d55a1d6bf4
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Jan 2018 00:34:35.4225 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1NAM04HT117
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/113U5cxNrBNYvfTwxvkK4EbJzzE>
Subject: Re: [TLS] The future devices that will break TLS 1.4
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 13 Jan 2018 00:34:38 -0000
Is that arms race really worth fighting? ________________________________________ From: TLS <tls-bounces@ietf.org> on behalf of Hanno Böck <hanno@hboeck.de> Sent: Friday, January 12, 2018 4:11:15 PM To: Dan Wing Cc: tls@ietf.org Subject: Re: [TLS] The future devices that will break TLS 1.4 On Fri, 12 Jan 2018 15:53:05 -0800 Dan Wing <danwing@gmail.com> wrote: > Those bugs that interfere with TLS handshakes are un-related to > Cisco's Encrypted Traffic Analytics ("ETA"). Different technologies. I haven't claimed that. I just think it's very plausible to assume that a company that already created two independent problems for TLS 1.3 will do the same in future products that mess with TLS in "new and exciting ways". And for the unlikely case that Cisco is able to learn from past mistakes I'm absolutely sure there will be others creating similar products that won't. -- Hanno Böck https://hboeck.de/ mail/jabber: hanno@hboeck.de GPG: FE73757FA60E4E21B937579FA5880072BBB51E42 _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
- [TLS] The future devices that will break TLS 1.4 Hanno Böck
- Re: [TLS] The future devices that will break TLS … Dan Wing
- Re: [TLS] The future devices that will break TLS … Hanno Böck
- Re: [TLS] The future devices that will break TLS … Yuhong Bao
- Re: [TLS] The future devices that will break TLS … Yuhong Bao
- Re: [TLS] The future devices that will break TLS … Christian Huitema
- Re: [TLS] The future devices that will break TLS … Tony Arcieri
- Re: [TLS] The future devices that will break TLS … Martin Thomson
- Re: [TLS] The future devices that will break TLS … Hubert Kario