[TLS]Re: Trust Anchor Negotiation Surveillance Concerns and Risks
"Salz, Rich" <rsalz@akamai.com> Sat, 20 July 2024 03:57 UTC
From: "Salz, Rich" <rsalz@akamai.com>
To: Rob Sayre <sayrer@gmail.com>, David Adrian <davadria@umich.edu>
Date: Sat, 20 Jul 2024 03:56:55 +0000
Message-ID: <479BA457-9001-4EBC-A84F-9E3EB71E809F@akamai.com>
References: <CAD2nvsT4qWqudiv1C1wZn6rB4_s-9EDENq5TXEbxr_ygcMFjDQ@mail.gmail.com> <CAChr6Sw+gxK3dO29F9bsLTQReJz6LzT2hZb5O7LAXmKzQbKTSw@mail.gmail.com> <CACf5n7_29CNXLf+SmpKKOWkc_3Oi2BZqZ8irU+z=3btJns_1-Q@mail.gmail.com> <CAChr6SxJ3r88a4Aehv_5fsSWb1JApV6Lg4hfwdm0Oh5x04_shQ@mail.gmail.com>
In-Reply-To: <CAChr6SxJ3r88a4Aehv_5fsSWb1JApV6Lg4hfwdm0Oh5x04_shQ@mail.gmail.com>
CC: Bob Beck <bbe@google.com>, Devon O'Brien <asymmetric=40google.com@dmarc.ietf.org>, "tls@ietf.org" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/2DZ8F4dz2icrISC9omV0fEvSxJk>
> I've read it before. I the main issue is that it says "trusted" a lot.

Yeah, kinda snippy but not necessarily wrong.

I'm a little skeptical of approaches that solve an entire problem space with one architecture. I'm more skeptical of enough people having the ability to read and understand the semantics of several pages of JSON object descriptions. I know I got MEGO[1] a couple of times while reading it.

Can we simplify things and solve just one problem? For example, in some off-line discussions others have mentioned that with PQ signatures being so big, there are policy decisions that clients might want to enforce: do you need SCTs? Do you want OCSP stapling? Maybe it will be worthwhile to just think about what kind of hybrid/PQ policies clients will want to express?

[1] https://www.collinsdictionary.com/dictionary/english/mego
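As an added illustration of the kind of hybrid/PQ client policy the message asks about (this is not code from the draft under discussion or from the author; the `ClientPolicy` and `ChainSummary` models, the chain samples and the byte budget are constructed assumptions), the following Python evaluates a handshake summary against a small, explicit policy: a minimum SCT count, whether OCSP stapling is required, whether a purely classical chain is acceptable, and a byte budget for all signatures on the wire, including the signatures inside each SCT, which is where large PQ signatures bite hardest. Signature sizes are approximate per-signature byte counts from the FIPS 204 (ML-DSA) and FIPS 205 (SLH-DSA) parameter tables; ECDSA P-256 is taken as 64 bytes.

```python
from dataclasses import dataclass, field
from typing import List, Tuple

# Approximate signature sizes in bytes (FIPS 204 / FIPS 205 parameter tables;
# ECDSA P-256 as a raw r||s pair). Used only to illustrate the budget check.
SIG_SIZES = {
    "ecdsa-p256": 64,
    "ml-dsa-44": 2420,
    "ml-dsa-65": 3309,
    "slh-dsa-128s": 7856,
}


@dataclass
class ChainSummary:
    """What a client has learned from the handshake that bears on policy (constructed model)."""
    signature_algs: List[str]      # one entry per signature the server sent, leaf first
    sct_count: int                 # SCTs seen for the leaf (embedded or via extension)
    sct_alg: str                   # signature algorithm used by the log for those SCTs
    ocsp_stapled: bool             # server sent a stapled OCSP response


@dataclass
class ClientPolicy:
    """A deliberately small, explicit client policy (constructed, not the draft's format)."""
    require_scts: int = 2               # minimum SCTs; 0 disables the check
    require_ocsp_stapling: bool = False
    allow_pure_classical: bool = True   # accept chains with no PQ signature at all
    max_signature_bytes: int = 20_000   # budget for every signature on the wire


def signature_bytes(chain: ChainSummary) -> int:
    """Total bytes spent on signatures: chain signatures plus one per SCT."""
    chain_bytes = sum(SIG_SIZES[a] for a in chain.signature_algs)
    sct_bytes = chain.sct_count * SIG_SIZES[chain.sct_alg]
    return chain_bytes + sct_bytes


def evaluate(policy: ClientPolicy, chain: ChainSummary) -> Tuple[bool, List[str]]:
    """Return (accepted, reasons); reasons lists every check that failed, not just the first."""
    reasons = []
    total = signature_bytes(chain)
    if total > policy.max_signature_bytes:
        reasons.append(f"signature bytes {total} exceed budget {policy.max_signature_bytes}")
    if policy.require_scts and chain.sct_count < policy.require_scts:
        reasons.append(f"only {chain.sct_count} SCTs, policy needs {policy.require_scts}")
    if policy.require_ocsp_stapling and not chain.ocsp_stapled:
        reasons.append("no stapled OCSP response")
    has_pq = any(not a.startswith("ecdsa") for a in chain.signature_algs)
    if not policy.allow_pure_classical and not has_pq:
        reasons.append("chain uses only classical signatures")
    return (not reasons, reasons)


# Constructed sample handshakes: leaf + intermediate signatures, two SCTs each.
CLASSICAL = ChainSummary(["ecdsa-p256", "ecdsa-p256"], 2, "ecdsa-p256", True)
CLASSICAL_NO_STAPLE = ChainSummary(["ecdsa-p256", "ecdsa-p256"], 2, "ecdsa-p256", False)
PQ_MLDSA = ChainSummary(["ml-dsa-65", "ml-dsa-65"], 2, "ml-dsa-65", True)
PQ_SLHDSA = ChainSummary(["slh-dsa-128s", "slh-dsa-128s"], 2, "slh-dsa-128s", True)


if __name__ == "__main__":
    for name, chain in [("classical", CLASSICAL), ("ml-dsa", PQ_MLDSA), ("slh-dsa", PQ_SLHDSA)]:
        ok, why = evaluate(ClientPolicy(), chain)
        print(f"{name:10s} {signature_bytes(chain):6d} bytes -> {'accept' if ok else 'reject'} {why}")
```

The point of counting SCT signatures toward the budget is that a "require two SCTs" rule that is cheap with ECDSA turns into tens of kilobytes once the logs also sign with a PQ algorithm, so the SCT and size requirements cannot be set independently; a policy format that makes that coupling visible is the kind of single-problem scope the message argues for.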