[TLS] Middlebox "arms race" WAS: Re: Last Call: <draft-ietf-tls-tls13-24.txt> (The Transport Layer Security (TLS) Protocol Version 1.3) to Proposed Standard
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Mon, 19 February 2018 16:00 UTC
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 98AFB127909; Mon, 19 Feb 2018 08:00:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ioXtMMgrNQBP; Mon, 19 Feb 2018 08:00:33 -0800 (PST)
Received: from mail-pf0-x22b.google.com (mail-pf0-x22b.google.com [IPv6:2607:f8b0:400e:c00::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A165F129C53; Mon, 19 Feb 2018 08:00:33 -0800 (PST)
Received: by mail-pf0-x22b.google.com with SMTP id i3so2305669pfe.5; Mon, 19 Feb 2018 08:00:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to:cc; bh=u1hv3eH5BRQwXKaTDtzNOnTT5znTuq5WRsMLd2lFrE0=; b=PfdONWCrfgGeBUW+uU9VD1hLPXVaafzLA6oTT1mpFsMdVR3pzgMm/X7p2ESp+X/UVg IxGO7lYTPN66ZDEcXXeGK3gGNlqUVK2BqBRBjohKZyZHQBZynB+B4jXwUAq3MpajFkhM wSO0pGTYZxHXKfW8s4JMLG5uW+wJkyanbH73rjm7Wwn30+VH/ecL53vOad9WitKETLhH 8W1+Aetw9CtgVZyAjg8rh1oiLFqi2hKopamecpK2JrKw+69tuPZ2ZretMnCwghv574Wy b4v4sKaoHyNENR8O7/rGjeGBOf1q/ICjt9U/bZ2vvMRmDuPxFSwZzH4rWup+qDUw67NJ yNiQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=u1hv3eH5BRQwXKaTDtzNOnTT5znTuq5WRsMLd2lFrE0=; b=nWA1bwAzmlD7C1ARRviC4ygsYUOMjC+pxD5fm0WTOL7OWAPUPNvgmYSLsogjD1/tGV 5vQ3NVU9d0Aeynq59fYUAREBb4tVO1ia7PSv0gVC6YJhChpwRIIg0hKEm6DJtho7go5t m55VOZ6h/GnrMxFjZl92axfV46hbQ6cKn8JZxBNgzchh8+xfBW7gX8CoQ146dTPz2OhX 2YhEFz2ewTUdnQtSZQ2dUPHpTNpivqh70s0TEbWPgV6Egs/FRxyMFNOWQ6Dp31wDIWYp 8TI88KwNgvhqsV2tYMOfJ3IAfYT8V+1NeQJK5oDUhQ4xVAM8z6S4mDSOKmpsZu00t8Lb 0BBg==
X-Gm-Message-State: APf1xPBmN1XuPZCvZ021xwfjeE+eK3+FWsmGWc+kBUV2gMY4DlIYU4Yk hy3p524TzBSpw3+AptnnFb7prb6+CJG6DUjE1TZDfw==
X-Google-Smtp-Source: AH8x225hG1uECM1t6P7KLRrHWQT1nCglKmDcNzpC2oYWjxDw4v79Feu3pLRL7bWYwqtYSa3UfMTRVZJPmxLt3+PZWeQ=
X-Received: by 10.99.111.130 with SMTP id k124mr4400605pgc.236.1519056033114; Mon, 19 Feb 2018 08:00:33 -0800 (PST)
MIME-Version: 1.0
Received: by 10.100.229.67 with HTTP; Mon, 19 Feb 2018 07:59:52 -0800 (PST)
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Mon, 19 Feb 2018 10:59:52 -0500
Message-ID: <CAHbuEH56qbSWP4fN+R76Ed7==MUp+yVNS3kfbYxzOMzLG1XuOg@mail.gmail.com>
To: Yuhong Bao <yuhongbao_386@hotmail.com>
Cc: IETF-Announce <ietf-announce@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "draft-ietf-tls-tls13@ietf.org" <draft-ietf-tls-tls13@ietf.org>, "tls-chairs@ietf.org" <tls-chairs@ietf.org>, "tls@ietf.org" <tls@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/AY55wP73dOnLIaitnW3bvcqn5PM>
Subject: [TLS] Middlebox "arms race" WAS: Re: Last Call: <draft-ietf-tls-tls13-24.txt> (The Transport Layer Security (TLS) Protocol Version 1.3) to Proposed Standard
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Feb 2018 16:00:37 -0000
Dear Yuhong, My personal opinion in the "arms race" (your phrasing, not mine), no AD hat on (as that one is to support the WG decision), is that it will continue until we really hear each other out and think more on the problems the other side is trying to solve. Perhaps there are ways to meet all or at least some of the goals in other ways. If we don't work together to understand the challenges, we'll never make progress and remain in this arms race. I also think that if you push on e2e in protocol design without listening to the other side, protocols may not enjoy the deployment percentages that you'd like to see, adoption could be hindered. Many of the operators have expressed that they would like to see e2e and are fully supportive of privacy goals, but are trying to figure out other ways to accomplish tasks. Logging from applications has been found to be lacking by many operators, if this could be improved on the application side, then a shift to use end point monitoring becomes more practical. From the draft I have been working on (toward the goal of increasing adoption of e2e protocols), "The Effect of Pervasive Encryption on Operators", the following logging types have been called out as being deficient: Service providers typically use only headers at layers 2,3, and 4 "packet tracing and inspection along the service path provides operators the visibility to continue to diagnose problems reported both internally and by their customers. Logging of service path upon exit for routing overlay protocols will assist with policy management and troubleshooting capabilities for traffic flows on encrypted networks. Protocol trace logging and protocol data unit (PDU) logging should also be considered to improve visibility to monitor and troubleshoot application level traffic." Within the enterprise (where they already own all the data), logging at a more granular level for application debugging will assist with a transition to rely more on end points for diagnostics. Interactions between applications an databases has been called out as an issue that could be improved with enhanced logs on transactions, queries, etc. Fraud detection does rely on transaction monitoring already, but banks are using network based tools as well for this and other incident detection (data exfiltration, etc.). In this case, pattern detection is really helpful and that might include variances in sizes of packets, destinations, times of transactions, types of data accessed (by who, when), etc. Some of this can still be done on the network with encrypted traffic streams. I personally think e2e would get further ahead in the arms race if they spent time working to solve these other issues with operators so that monitoring could move to the end point or closer to it. Yoav has said it on list before, vendors of middleboxes often update quickly. My interpretation of that is continuing to alter the protocol to break middleboxes won't work as a strategy to disrupt many middleboxes. Solving customer problems will have a much greater impact toward improving deployment in my personal opinion. Much of this debate is about control anyway - application vs. network - and not about privacy. Many operators also support the goal of privacy for end users. Best regards, Kathleen On Mon, Feb 19, 2018 at 10:58 AM, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> wrote: > Dear Yuhong, > > As the sponsoring Area Director, my job is to take the draft forward > as was determined by working group consensus. Like Stephen, I'm also > not particularly happy about the choice to leave in 0-RTT, but I have > to support it as a WG decision. Whatever the version number in the > ServerHello decision is from the WG, I will support that decision. > The ServerHello decision doesn't really fall into the, "arms race" as > you put it. More on that in another thread. > > Best regards, > Kathleen > > On Thu, Feb 15, 2018 at 9:04 PM, Yuhong Bao <yuhongbao_386@hotmail.com> wrote: >> I wonder what is IESG's opinion on the TLS arms race with middleboxes. >> Yes, I am talking about moving the version number in the ServerHello. >> >> ________________________________________ >> From: TLS <tls-bounces@ietf.org> on behalf of The IESG <iesg-secretary@ietf.org> >> Sent: Thursday, February 15, 2018 1:13:48 PM >> To: IETF-Announce >> Cc: draft-ietf-tls-tls13@ietf.org; tls-chairs@ietf.org; tls@ietf.org >> Subject: [TLS] Last Call: <draft-ietf-tls-tls13-24.txt> (The Transport Layer Security (TLS) Protocol Version 1.3) to Proposed Standard >> >> >> The IESG has received a request from the Transport Layer Security WG (tls) to >> consider the following document: - 'The Transport Layer Security (TLS) >> Protocol Version 1.3' >> <draft-ietf-tls-tls13-24.txt> as Proposed Standard >> >> The IESG plans to make a decision in the next few weeks, and solicits final >> comments on this action. Please send substantive comments to the >> ietf@ietf.org mailing lists by 2018-03-01. Exceptionally, comments may be >> sent to iesg@ietf.org instead. In either case, please retain the beginning of >> the Subject line to allow automated sorting. >> >> Abstract >> >> >> This document specifies version 1.3 of the Transport Layer Security >> (TLS) protocol. TLS allows client/server applications to communicate >> over the Internet in a way that is designed to prevent eavesdropping, >> tampering, and message forgery. >> >> >> >> >> The file can be obtained via >> https://datatracker.ietf.org/doc/draft-ietf-tls-tls13/ >> >> IESG discussion can be tracked via >> https://datatracker.ietf.org/doc/draft-ietf-tls-tls13/ballot/ >> >> The following IPR Declarations may be related to this I-D: >> >> https://datatracker.ietf.org/ipr/2900/ >> >> >> >> The document contains these normative downward references. >> See RFC 3967 for additional information: >> rfc8017: PKCS #1: RSA Cryptography Specifications Version 2.2 (Informational - IETF stream) >> >> >> >> _______________________________________________ >> TLS mailing list >> TLS@ietf.org >> https://www.ietf.org/mailman/listinfo/tls >> >> _______________________________________________ >> TLS mailing list >> TLS@ietf.org >> https://www.ietf.org/mailman/listinfo/tls > > > > -- > > Best regards, > Kathleen -- Best regards, Kathleen
- [TLS] Middlebox "arms race" WAS: Re: Last Call: <… Kathleen Moriarty