IETF Logo Mail Archive

[TLS]Re: Trust Anchor Negotiation Surveillance Concerns and Risks

Dennis Jackson <ietf@dennis-jackson.uk> Mon, 22 July 2024 18:27 UTC

Return-Path: <ietf@dennis-jackson.uk>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BEBEEC15199D for <tls@ietfa.amsl.com>; Mon, 22 Jul 2024 11:27:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=dennis-jackson.uk
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M33Qb6MikPcN for <tls@ietfa.amsl.com>; Mon, 22 Jul 2024 11:27:49 -0700 (PDT)
Received: from mout-p-101.mailbox.org (mout-p-101.mailbox.org [IPv6:2001:67c:2050:0:465::101]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0B2D0C151535 for <tls@ietf.org>; Mon, 22 Jul 2024 11:27:48 -0700 (PDT)
Received: from smtp2.mailbox.org (smtp2.mailbox.org [10.196.197.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-101.mailbox.org (Postfix) with ESMTPS id 4WSTKV1t03z9snQ for <tls@ietf.org>; Mon, 22 Jul 2024 20:27:42 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dennis-jackson.uk; s=MBO0001; t=1721672862; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=uzKTxPRzhPgNTB9EK8bwtmiBQaTISeCtqSIO4oXDxiA=; b=Ux9JqEFsOufqCYE2lHkv5y4Q424c6KInrN2r1MTmm7GLdp0Jo4K7dAxf1hANalpFi45KDO 2ajTfD6Jfw4ytmxStVHYs7a2CM0OpaJ0EBd+Pd7wGOjHMliyI99kOvZO4fLgGFOVMeAbMj yhUIcYnUKGPmg4eOrBg5adtsaDm8FBmrQ3vE+nYZSwSwpi615SXD12iHCH4F87Uswm7hQd 0hQGelSvF86Fcxfi9RWmBAt0lm5o03X6aq1FhHgQ5WdSIh3XiTP5Q3tu3fHQsk3WYgq7Zq Sn3McN2uB5/0bosqDPF6AOQXVWWG3XcTYj+tAKkg3zDUTlBNXcYoKu/xqS1aMQ==
Content-Type: multipart/alternative; boundary="------------MXSV5bqzNfbcfbrYiz6qYFUv"
Message-ID: <5f23bc91-b0a4-4ba4-add8-e920ca9c7784@dennis-jackson.uk>
Date: Mon, 22 Jul 2024 11:27:37 -0700
MIME-Version: 1.0
To: tls@ietf.org
References: <CAD2nvsT4qWqudiv1C1wZn6rB4_s-9EDENq5TXEbxr_ygcMFjDQ@mail.gmail.com> <CAChr6Sw+gxK3dO29F9bsLTQReJz6LzT2hZb5O7LAXmKzQbKTSw@mail.gmail.com> <CACf5n7_29CNXLf+SmpKKOWkc_3Oi2BZqZ8irU+z=3btJns_1-Q@mail.gmail.com> <CAChr6SxJ3r88a4Aehv_5fsSWb1JApV6Lg4hfwdm0Oh5x04_shQ@mail.gmail.com> <479BA457-9001-4EBC-A84F-9E3EB71E809F@akamai.com> <CACsn0cmhsh-zeJOaa7xy_2crxgvhAF=nK9FqWxxf1dB2SMhMyQ@mail.gmail.com> <Zpu0reBpH3dtFYdf@LK-Perkele-VII2.locald> <CADQzZqtsj272Gt771Ef=VhS2+WvWKkct0Jx1=wmyS7kTu0ds1w@mail.gmail.com> <CAF8qwaB3VuWSYTi-gH99+N_cgi1ZAdMpzhrSE4=KTD5xbQMwXA@mail.gmail.com> <CADQzZqtyCQwQR2WPrBdqGGUm_tvZ7Akra5z9vqJ30x9vWBtxew@mail.gmail.com> <CAF8qwaDt-vhUb-E48874QLKe-YOc3xzC4VsArzYf_BGREz0+QQ@mail.gmail.com> <CADQzZqvw0Phv1oa--C6HSZJpKkG899v36g-xXrwyiKpM8cyYJw@mail.gmail.com> <254e0d54-7438-4666-8a0b-1ddf431e65d4@dennis-jackson.uk> <CADQzZqupwoqLbJNEU4RgA+G983_a34g-MmHsJN=XZygjLtDUkw@mail.gmail.com>
Content-Language: en-US
From: Dennis Jackson <ietf@dennis-jackson.uk>
In-Reply-To: <CADQzZqupwoqLbJNEU4RgA+G983_a34g-MmHsJN=XZygjLtDUkw@mail.gmail.com>
Message-ID-Hash: EDEJRAMG46JM6Z2NRXVIMFE5W2VWZ36Z
X-Message-ID-Hash: EDEJRAMG46JM6Z2NRXVIMFE5W2VWZ36Z
X-MailFrom: ietf@dennis-jackson.uk
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [TLS]Re: Trust Anchor Negotiation Surveillance Concerns and Risks
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/3KfhNqOT3ROMyjE7fYsQ7QryIQw>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

On 22/07/2024 11:00, Mike Shaver wrote:

> I’m not informed enough to comment on the protocol elements of the 
> specific Trust Anchor proposal, but I agree that more PKI agility will 
> be healthy.
>
> [...]
>
> Trust Anchor negotiation will require configuration of both sides, but 
> so does cipher negotiation and so forth, and I think that it will be 
> fine for a library to come with “sane, web-like” defaults, and then 
> provide a mechanism for configuring alternative policies when desired.

I think reading the drafts would be really valuable. Unfortunately the 
necessary changes are not as simple as anything like cipher selection.

For example, Trust Anchors requires the TLS Library to have access to 
additional DNS records, which either the application needs to provide or 
the TLS Library needs to fetch itself - neither seem viable by default. 
Both drafts also require other breaking API changes on client and server.

> This would let modern clients like browsers continue to tend to the 
> web PKI, without the opposing force of such possible disruptions. From 
> my experience with root programs, this would be a very welcome capability!

I would love to hear more about these possible disruptions you feel are 
a factor> Speaking as someone who is involved in a root program 
currently, I don't understand how Trust Anchor Agility would enable 
anything for us - discussed at more length here [2].

Best,
Dennis

[2] 
https://github.com/dennisjackson/trust-negotiation-comments/blob/main/comments-on-usecases.md

v2.34.0 | Report a Bug | By Email | System Status