IETF Logo Mail Archive

[TLS]Re: Trust Anchor Negotiation Surveillance Concerns and Risks

Dennis Jackson <ietf@dennis-jackson.uk> Mon, 22 July 2024 17:36 UTC

Return-Path: <ietf@dennis-jackson.uk>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78D86C14F748 for <tls@ietfa.amsl.com>; Mon, 22 Jul 2024 10:36:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=dennis-jackson.uk
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EYLv5E-pLbBN for <tls@ietfa.amsl.com>; Mon, 22 Jul 2024 10:36:02 -0700 (PDT)
Received: from mout-p-202.mailbox.org (mout-p-202.mailbox.org [80.241.56.172]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F2CC5C14F711 for <tls@ietf.org>; Mon, 22 Jul 2024 10:36:01 -0700 (PDT)
Received: from smtp2.mailbox.org (smtp2.mailbox.org [10.196.197.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-202.mailbox.org (Postfix) with ESMTPS id 4WSS9m6wLvz9sqW for <tls@ietf.org>; Mon, 22 Jul 2024 19:35:56 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dennis-jackson.uk; s=MBO0001; t=1721669757; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=+PNBySuxeUaQ7W3gr6bysvB4XBDqdLjK8JdyQNJmd1s=; b=Yi3q4WOTiU7XB6hGr1785LYC8cdIr9ZUcvq38AxkcM6jP2yma+r6FxHy1v6LfIRkMHQZg4 UUK+5c9E+TBnwMCoXv01G05SzUTkrjBo5Q8VwDww0QM4iqRPDjW2YUySSeNqA7R2swwT6X K0EfkY+GUc6Sig5R17KkdjB5GOVotbaAEghAE88IbhS9aSE/Z4B1jfFxuq+KYXNjGa2qxa 6fcZiIcACLVcIIfcg9K3N9AV3wIzsTTfOmYsGhllIYDqqliaXaTJwOABAoi/9anyVT4Agi zqwHmLwYpjo7mmnUd/jRD6E3rBBjWj10h0EqTkYqG9Kygv1OpU62TdrBPc96/A==
Content-Type: multipart/alternative; boundary="------------wrcIYfb9IQdSKSVTTL98xo0k"
Message-ID: <254e0d54-7438-4666-8a0b-1ddf431e65d4@dennis-jackson.uk>
Date: Mon, 22 Jul 2024 10:35:53 -0700
MIME-Version: 1.0
To: TLS List <tls@ietf.org>
References: <CAD2nvsT4qWqudiv1C1wZn6rB4_s-9EDENq5TXEbxr_ygcMFjDQ@mail.gmail.com> <CAChr6Sw+gxK3dO29F9bsLTQReJz6LzT2hZb5O7LAXmKzQbKTSw@mail.gmail.com> <CACf5n7_29CNXLf+SmpKKOWkc_3Oi2BZqZ8irU+z=3btJns_1-Q@mail.gmail.com> <CAChr6SxJ3r88a4Aehv_5fsSWb1JApV6Lg4hfwdm0Oh5x04_shQ@mail.gmail.com> <479BA457-9001-4EBC-A84F-9E3EB71E809F@akamai.com> <CACsn0cmhsh-zeJOaa7xy_2crxgvhAF=nK9FqWxxf1dB2SMhMyQ@mail.gmail.com> <Zpu0reBpH3dtFYdf@LK-Perkele-VII2.locald> <CADQzZqtsj272Gt771Ef=VhS2+WvWKkct0Jx1=wmyS7kTu0ds1w@mail.gmail.com> <CAF8qwaB3VuWSYTi-gH99+N_cgi1ZAdMpzhrSE4=KTD5xbQMwXA@mail.gmail.com> <CADQzZqtyCQwQR2WPrBdqGGUm_tvZ7Akra5z9vqJ30x9vWBtxew@mail.gmail.com> <CAF8qwaDt-vhUb-E48874QLKe-YOc3xzC4VsArzYf_BGREz0+QQ@mail.gmail.com> <CADQzZqvw0Phv1oa--C6HSZJpKkG899v36g-xXrwyiKpM8cyYJw@mail.gmail.com>
Content-Language: en-US
From: Dennis Jackson <ietf@dennis-jackson.uk>
In-Reply-To: <CADQzZqvw0Phv1oa--C6HSZJpKkG899v36g-xXrwyiKpM8cyYJw@mail.gmail.com>
Message-ID-Hash: 3RW3YXABHWXPCE5YC5O5SVQPIHITY3QB
X-Message-ID-Hash: 3RW3YXABHWXPCE5YC5O5SVQPIHITY3QB
X-MailFrom: ietf@dennis-jackson.uk
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [TLS]Re: Trust Anchor Negotiation Surveillance Concerns and Risks
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/AQMrRYLyQynP18nKWFmX7v7-aps>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

On 22/07/2024 09:57, Mike Shaver wrote:

> I’m not informed enough to comment on the protocol elements of the 
> specific Trust Anchor proposal, but I agree that more PKI agility will 
> be healthy.
>
> Fundamentally, the TLS implementation community will be pushing this 
> agility into endpoints by default, which means that it would take 
> active divergence by a system implementor to create the sort of TBTF 
> systems that impede trust changes today.

I would like to hear from the authors (or others in the TLS 
implementation community) if they think Trust Expressions / Trust 
Anchors can be pushed into non-browser endpoints by default and the work 
they think would be required to achieve it?

I think I see how, with substantial investment, an application like a 
browser could adopt these designs. I'm not sure I can see a TLS library 
ever being able to offer it by default.

Best,
Dennis

v2.31.3 | Report a Bug | By Email | System Status