Re: [TLS] draft-green-tls-static-dh-in-tls13-01

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Wed, 19 July 2017 17:15 UTC

Return-Path: <prvs=8373673639=uri@ll.mit.edu>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B7CA131B54 for <tls@ietfa.amsl.com>; Wed, 19 Jul 2017 10:15:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yLYCqWKArRrP for <tls@ietfa.amsl.com>; Wed, 19 Jul 2017 10:15:06 -0700 (PDT)
Received: from llmx2.ll.mit.edu (LLMX2.LL.MIT.EDU [129.55.12.48]) by ietfa.amsl.com (Postfix) with ESMTP id 4013A131474 for <tls@ietf.org>; Wed, 19 Jul 2017 10:15:05 -0700 (PDT)
Received: from LLE2K10-HUB02.mitll.ad.local (LLE2K10-HUB02.mitll.ad.local) by llmx2.ll.mit.edu (unknown) with ESMTP id v6JHF49m035904 for <tls@ietf.org>; Wed, 19 Jul 2017 13:15:04 -0400
From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] draft-green-tls-static-dh-in-tls13-01
Thread-Index: AQHS/ulwkltwWiCLAkez9/LKtukmkaJYpiSAgAAE/ICAAtZXgIAAGYoA//++zoCAAEWCAIAABMAA///DOoA=
Date: Wed, 19 Jul 2017 17:15:03 +0000
Message-ID: <9A49F3C7-DEC7-4FEA-9017-B48DAC1D1446@ll.mit.edu>
References: <CAPCANN-xgf3auqy+pFfL6VO5GpEsCCHYkROAwiB1u=8a4yj+Fg@mail.gmail.com> <CAOjisRxxN9QjCqmDpkBOsEhEc7XCpM9Hk9QSSAO65XDPNegy0w@mail.gmail.com> <CABtrr-XbJMYQ+FTQQiSw2gmDVjnpuhgJb3GTWXvLkNewwuJmUg@mail.gmail.com> <72BACCE6-CCB9-4DE9-84E6-0F942E8C7093@gmail.com> <a0a7b2ed-8017-9a54-fec0-6156c31bbbfa@nomountain.net> <6AF150DF-D3C8-4A4A-9D56-617C56539A6E@arbor.net> <CAN2QdAGRTLyucM1-JPmDU17kQgAv0bPZNASh54v=XoCW+qj48A@mail.gmail.com> <CACsn0cnc0X5++cOvTNsboda8J42qg3VDquZ4Va-X-YDcggnbvA@mail.gmail.com> <7423703D-5277-4F78-A2ED-1B7E152E7B08@arbor.net> <CACsn0cmo0HXBj7MidTTwkgE+Hwed9SrEODSzN8oURzQHJTW1aQ@mail.gmail.com> <E5BF12C2-B79A-444B-B4C2-90D28B40CCAC@arbor.net> <CACsn0c=_OT8R6SSr0P3RvT7Qx+smfz1DAKjH9Gni+jM8Ue4v5A@mail.gmail.com> <CAAF6GDc9e9TGWVaOjdb83AFH=z2kt41Rje+r4Ureoc6KVgEUJg@mail.gmail.com> <B08F0D98-FAE9-494C-AA96-4CE89792B770@ll.mit.edu> <CAAF6GDdSnCggfsrSG68An348ngR+fcb+9nQcKvJJGFtxg8NzJw@mail.gmail.com> <FDC8499C-FA96-4992-B1F2-C90F6154856B@arbor.net>
In-Reply-To: <FDC8499C-FA96-4992-B1F2-C90F6154856B@arbor.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.23.0.170610
x-originating-ip: [172.25.177.195]
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha256; boundary="B_3583314903_2066918823"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-07-19_12:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1706020000 definitions=main-1707190274
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/2JPsrqwlUTzddrXou9dMsyCmHEI>
Subject: Re: [TLS] draft-green-tls-static-dh-in-tls13-01
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Jul 2017 17:15:12 -0000

>> That's not what I've seen. Instead, I see administrators creating port mirrors on demand and then
>> filtering the traffic they are interested in using standard tcpdump rules, and I see MITM boxes
>> that selectively decrypt some traffic to look inside it and apply some kind of security filtering.
>> In the former case, DNS lookups and IP/port destinations are commonly used to trigger some suspicions too. 
>  Correct.

Yes I realize all that. That is the “traditional” way.

My point is that if you own/control the endpoint, then it doesn’t matter from the architecture point of view where you tap – and if TLS is not broken (i.e., does not allow you to “selectively decrypt”) you can tap the plaintext at the endpoint. You just need a different set of tools. But considering how today’s endpoints are loaded with tons and tons of “security software”, it seems rather straightforward. 

It’s not like you have an opaque endpoint, and the switch is the only place your visibility starts.
    
>> That's not how the tcpdump/wireshark approach usually works. You give it the private key and
>> decrypts the TLS connection as it's happening.
>
>  Correct. 
> Ex-post-facto is insufficient to purpose.  Real-time is the focus.  Archiving is rarely done,
> and is typically just snippets representative of the incident in question. 

Yes. The contention is between being able to decrypt already-encrypted traffic on-demand, and being able to tap the traffic before the encryption (or after the decryption) on-demand.

Your current tools to the first. Evolvement of the technology is pushing you towards the second. Arguing against it IMHO would have as much effect as arguing against exporting strong crypto had decades ago. Or are you simply trying to delay the inevitable?