Re: [TLS] Update on TLS 1.3 Middlebox Issues

Nick Sullivan <nicholas.sullivan@gmail.com> Sat, 07 October 2017 14:17 UTC

Return-Path: <nicholas.sullivan@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0DF6213320C for <tls@ietfa.amsl.com>; Sat, 7 Oct 2017 07:17:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KcEkeROsivBg for <tls@ietfa.amsl.com>; Sat, 7 Oct 2017 07:17:50 -0700 (PDT)
Received: from mail-wm0-x230.google.com (mail-wm0-x230.google.com [IPv6:2a00:1450:400c:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8E53F1331BA for <tls@ietf.org>; Sat, 7 Oct 2017 07:17:50 -0700 (PDT)
Received: by mail-wm0-x230.google.com with SMTP id t69so12818355wmt.2 for <tls@ietf.org>; Sat, 07 Oct 2017 07:17:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=1QgmwBYqvxOdjueJIpaI3OC6DBvOIG+8gsBs+9EHMCs=; b=RJaJ/YAwhKUlTRtmvFRoCyMpUOj5A+oSqiP+fwTTZY2Rx7iDjm41Hrk58+UaHuonlh LGYcGpgE/oTA3RF5dznukd9Wz8a1LAXHP0T/TN6K7wjlbcB1Yr3UJkOi1HdRzJ+QxQ1p EJbr/hspFEgTCzdVxyljY6hgj1sG0p3VraEVk8p5iKz0+6Mm5qz5NBykP4+6J6fDbWP0 MqQu9IDIZTD7fk+Ayf9fk36PaAYWgAPc/lmAxvgzadw7Em3I6Tg0N8ZCNYCnvWDPIlTT eLgcMhBqPnVu13oixqcTMpQyT6DJiCag0QgCiIMoheLPPQ3j9WM7Ij/N5DQ5Bbuc9v4H QQwg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=1QgmwBYqvxOdjueJIpaI3OC6DBvOIG+8gsBs+9EHMCs=; b=VUnuraEwiqv5xv2h8Ux/njwsvuPddOdyjSZgEiKLc6l+YYXiJZrnHDVkhuJZbMmty0 5nyNEByB9/cMbEEnilFWATtHHBJOn43+/6JR+ug0SprjJIqtq8QRYX0vGCyIXDZ5rY1h H6h/DisEYNN/Wx3hiczJyKGaxaG4vTZtiOMsVz7Vhq5T0WuFR3SCmnsSF4gA973m1T8E 9b9vhbwIMmt0MzytXQhHz9c6he3GWhHh74YPy/u9Xe8+GgEWRNzny65mgC1XbN5cFZXR gS1zV8lyMUKCHyPTrBuvYB1qBTiwjeIN7Z82cwv9nAicLjczmW8H4Mjo64komHJBZx+O AEqw==
X-Gm-Message-State: AMCzsaU0dvTKPLimg01KqipNxCqfnYTvetmrFY32vZ4Hv2zz0txu20VR pfsKZIlIwpdMLzh1Kot33/PLKjQLxyHSNuj+T0E=
X-Google-Smtp-Source: AOwi7QBRInIBEGRx/42YVwc6Ighx3oc13kYdrdtTvg4TtyHxYQB9DgOWl3bER/7Nr/4b36juDwIEvCe+HPAt38MmNs0=
X-Received: by 10.28.111.203 with SMTP id c72mr4685860wmi.42.1507385869073; Sat, 07 Oct 2017 07:17:49 -0700 (PDT)
MIME-Version: 1.0
References: <CABcZeBMoW8B78C5UmLqAim4X=jQ8jVRYTP-L7RVnU3AScdFvFw@mail.gmail.com> <EAD84CE1-41A9-40FE-B882-18F077FFD691@akamai.com> <17791E16-1E12-4E8E-A098-31E961C2B2CB@gmail.com>
In-Reply-To: <17791E16-1E12-4E8E-A098-31E961C2B2CB@gmail.com>
From: Nick Sullivan <nicholas.sullivan@gmail.com>
Date: Sat, 07 Oct 2017 14:17:37 +0000
Message-ID: <CAOjisRx9rwtbwBOTB+PegrKim2Q3bDmwbZi6KAu0aFMEaYSxRw@mail.gmail.com>
To: Rich Salz <rsalz@akamai.com>, Yoav Nir <ynir.ietf@gmail.com>
Cc: "tls@ietf.org" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="001a114779fa44016a055af59fb0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/4iS5BWPA9AuE6sQgAuMchtsZrYo>
Subject: Re: [TLS] Update on TLS 1.3 Middlebox Issues
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 07 Oct 2017 14:17:53 -0000

Yoav,

Let me make a correction to your scenario:. Instead of:
"You’ll need it for Chrome to work with Google."
it's:
"You’ll need it for Chrome to work with Google, Facebook, and most of the
10% of Alexa top million sites that are using Cloudflare."

TLS 1.3 (in on draft version or another) is very widely deployed on the
server side. Enabling it by default in a major browser would break enough
of the Internet that both middlebox vendors and enterprises/ISP who use
them will take notice.

The browser vendors will have to do their own calculus around whether or
not the ecosystem benefits of accelerating the deployment of TLS 1.3
compatibility by deploying no-downgrade TLS 1.3 defaults outweigh the
business costs associated with the potential harm to their relationships
with enterprises.

For example, Chrome has a history of making large bets that break a portion
of the internet in order to force ecosystem changes (see SHA-1, SSLv3).
However, these have been projects with gradual changes and long lead times.
Also, the failure rates introduced by such changes were well below 2% of
all connections. Furthermore, these changes typically revolved around
server changes (updating certs, changing configurations) not
software/firmware updates to devices.

I don't want to speak for browser vendors, but history suggests that Option
3) may not be a viable one for browsers with a significant market share.

Nick

On Sat, Oct 7, 2017 at 1:33 PM Yoav Nir <ynir.ietf@gmail.com>; wrote:

> On 7 Oct 2017, at 4:01, Salz, Rich <rsalz@akamai.com>; wrote:
>
> Thanks very much for the update.
>
> There is a third option, name the devices which are known to cause
> problems, and move forward with the draft as-is.
>
>
> +1.  I like this third option.
>
> 2. Tell all those vendors "You have 1 month to fix this. Fix it. Oh,
> it's your customers who don't update? Seems you don't have any
> reasonable update system. Call your customers,
>
>
> Vendor: Hello customer. We have an update for you that will make TLS 1.3
> work.
>
> Customer: No way. We’re in the middle of the year-end processing. We’re
> not making any configuration changes until the second week of January.
>
> Vendor: But it’s a simple fix. It will make things work better. You’ll
> need it for Chrome to work with Google.
>
> Customer: What part of “not making any configuration changes” was not
> clear to you!?
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>