Re: [TLS] Please discuss: draft-housley-evidence-extns-00
Martin Rex <martin.rex@sap.com> Wed, 20 December 2006 18:46 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gx6Sv-0007UM-D7; Wed, 20 Dec 2006 13:46:57 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gx6St-0007TG-RK for tls@ietf.org; Wed, 20 Dec 2006 13:46:55 -0500
Received: from smtpde03.sap-ag.de ([155.56.68.140]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gx6Sr-0001JT-Bp for tls@ietf.org; Wed, 20 Dec 2006 13:46:55 -0500
Received: from sap-ag.de (smtpde03) by smtpde03.sap-ag.de (out) with ESMTP id TAA03210; Wed, 20 Dec 2006 19:46:39 +0100 (MEZ)
From: Martin Rex <martin.rex@sap.com>
Message-Id: <200612201846.TAA20793@uw1048.wdf.sap.corp>
Subject: Re: [TLS] Please discuss: draft-housley-evidence-extns-00
To: mark@redphonesecurity.com
Date: Wed, 20 Dec 2006 19:46:39 +0100
In-Reply-To: <006701c723fc$31a55cc0$6801a8c0@rps.local> from "Mark Brown" at Dec 20, 6 00:00:47 am
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-SAP: out
X-SAP: out
X-SAP: out
X-Spam-Score: 1.1 (+)
X-Scan-Signature: 6d95a152022472c7d6cdf886a0424dc6
Cc: tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: martin.rex@sap.com
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org
Mark Brown wrote: > > After pointing out this unsolved problem for constructors of digital > evidence, Kent then affirmed the convention of delegating this seemingly > intractable problem to the application layer. "Signing things for > non-repudiation is usually an application-layer issue..." Correct. Choose between CMS & S/MIME, signed XML and maybe GSSAPI-IDUP if you're looking for standards how to put digital signatures on actual content, rather than TLS, who has a option to use a digital signature as a proof for possession of a private key as a method for online authentication. > (http://www3.ietf.org/proceedings/05nov/tls.html ) Which is a pretty > sensible approach, I think. But to be perfectly honest, isn't "application > layer" here a code word for "let them figure it out, we're not going to > waste any more time on this problem"? > > But now TLS Evidence can solve the "signer's intent" problems, and it > requires two parties, implying a network protocol connecting two parties. TLS Evidence can NOT solve the signer's intent problems, it is in the worst possible position to do so, right above the bits-on-the-wire. Most protocol stacks have several protocol layers in between, carrying data that is produced by software rather rather than users and users never get to know what amounts of protocol framing and auxiliary data the different layers of the software stack are going to put in there. They don't even know whether, when they are shown a popup window with "OK" and "Cancel", what will be sent over the communication channel -- is it "OK", or "0" or "0xff3456ab" or "button 0x200". The signer's intent is extremely sensitive to the context, and TLS has nothing to do whatsoever with the UIs -- which are going to have a significant impact on the users intent. And user shouldn't have to know or care about that. If users are expected to digitally sign actual meaningful content rather than producing evidence for possession/knowledge of a (private) key, then they better know every single bit that gets signed. IMHO TLS MUST NOT have access to keying material that vouches for anything else than "private key present". The purpose of TLS is online authentication, and the users private key is used to process arbitrary data as seen fit by the underlying authentication protocol. I'm firmly opposed to the TLS Evidence proposal. > > 2. What if in the scenario above the transmission is the acceptance of a > relatively small contract that, in its fine print, grants a huge amount of > intellectual property rights to the military? And later the contractor > wants to repudiate the signature, claiming that the transaction was a > forgery? If you need a contract sign, just do it. There have been perfectly working schemes to do contracts for centuries. Many do not require computers or the internet, and everyone knows how to handle them. You certainly do not need TLS contortions in order to do contracts. Think about what you propose: you're seriously suggesting that click-through-licenses are a good idea. I'm violently opposed to this. Fortunately German jurisdiction has been considering click-through licenses nul and void, and I certainly do not want that to change. Think about the much more dangerous use of this. Currently there are public forums operated by big companies (Microsoft,Google,etc.) and at least some of them have "terms of use" (subject to change without prior notice) which is supposed to transfer your IP to them for everything that you write/post/upload. Click-through licenses are evil, and I don't want to see an IETF working group pushing click-through licensing scheme. > > If only the high-assurance server signed the evidence then the > contractor can say that someone else initiated that transaction, > and the burden of proof rests on the military. As I mentioned, we don't have to reinvent the wheel -- the world has been successfully doing contracts before the internet, and with concepts every adult is accustomed to. I don't know how you think applications are being built today, but the application area that I know keeps adding protocol layers between the wire-level and the presentation layer (what the user really gets to see) like crazy. TLS is just above the network layer, hidden under several abstractions and resource-managed by the middleware. When the middleware feels like it (or when there's some network hickup) the network connection may be dropped and the TLS connection interrupted. Depending on the protocol layers in the middleware and the requirements of the application, the communication channel will be automatically reconnected and the TLS secure channel automatically re-established, transparent and unnoticed by the "application" in many scenarios. -Martin _______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls
- [TLS] Please discuss: draft-housley-evidence-extn… Eric Rescorla
- Re: [TLS] Please discuss: draft-housley-evidence-… Eric Rescorla
- RE: [TLS] Please discuss: draft-housley-evidence-… Ari Medvinsky
- Re: [TLS] Please discuss: draft-housley-evidence-… Eric Rescorla
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- RE: [TLS] Please discuss: draft-housley-evidence-… Peter Williams
- RE: [TLS] Please discuss: draft-housley-evidence-… Peter Williams
- RE: [TLS] Please discuss: draft-housley-evidence-… Peter Williams
- RE: [TLS] Please discuss: draft-housley-evidence-… Stefan Santesson
- RE: [TLS] Please discuss: draft-housley-evidence-… Peter Williams
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Peter Williams
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Eric Rescorla
- RE: [TLS] Please discuss: draft-housley-evidence-… Stefan Santesson
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Eric Rescorla
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Eric Rescorla
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Kyle Hamilton
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Stefan Santesson
- Re: [TLS] Please discuss: draft-housley-evidence-… Kyle Hamilton
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Omirjan Batyrbaev
- Re: [TLS] Please discuss: draft-housley-evidence-… Eric Rescorla
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Eric Rescorla
- RE: [TLS] Please discuss: draft-housley-evidence-… Kemp, David P.
- RE: [TLS] Please discuss: draft-housley-evidence-… Russ Housley
- Re: [TLS] Please discuss: draft-housley-evidence-… Eric Rescorla
- RE: [TLS] Please discuss: draft-housley-evidence-… Kemp, David P.
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Russ Housley
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Omirjan Batyrbaev
- RE: [TLS] Please discuss: draft-housley-evidence-… Stefan Santesson
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Stefan Santesson
- Re: [TLS] Please discuss: draft-housley-evidence-… Omirjan Batyrbaev
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Steven M. Bellovin
- Re: [TLS] Please discuss: draft-housley-evidence-… Peter Gutmann
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Kemp, David P.
- RE: [TLS] Please discuss: draft-housley-evidence-… Stefan Santesson
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Omirjan Batyrbaev
- RE: [TLS] Please discuss: draft-housley-evidence-… Stefan Santesson
- Re: [TLS] Please discuss: draft-housley-evidence-… Steven M. Bellovin
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Peter Gutmann
- Re: [TLS] Please discuss: draft-housley-evidence-… Omirjan Batyrbaev
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- RE: [TLS] Please discuss: draft-housley-evidence-… Kemp, David P.
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Stefan Santesson
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Steven M. Bellovin
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Stefan Santesson
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Mike
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Eric Rescorla
- RE: [TLS] Please discuss: draft-housley-evidence-… Stefan Santesson
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Eric Rescorla
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex