Re: [TLS] draft-green-tls-static-dh-in-tls13-01

Kyle Rose <krose@krose.org> Fri, 07 July 2017 18:40 UTC

Return-Path: <krose@krose.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC3771317CF for <tls@ietfa.amsl.com>; Fri, 7 Jul 2017 11:40:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=krose.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 37coSQivwRJk for <tls@ietfa.amsl.com>; Fri, 7 Jul 2017 11:40:38 -0700 (PDT)
Received: from mail-qk0-x22e.google.com (mail-qk0-x22e.google.com [IPv6:2607:f8b0:400d:c09::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6BB00128DE5 for <tls@ietf.org>; Fri, 7 Jul 2017 11:40:38 -0700 (PDT)
Received: by mail-qk0-x22e.google.com with SMTP id v143so34534273qkb.0 for <tls@ietf.org>; Fri, 07 Jul 2017 11:40:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=krose.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=FJyAhCRFXKVfeqBuWjlN+/ntv5aizMqFz8qjBTGGRVE=; b=dlpXq2RvKA11dHZZVDOWEVXm9fDUzoUNyz43v2dk+L7B8BPQdsI5bKMNw7iYDUJ+pG zKOjZv6iUQbxBaY+OaLaQw8YmrzKEfCYW6xdoqA038W2a89/SHNUH8A/dKSw5nwvsyeu v+I5qoItb4P3FJhZz/8VSeH5aSgkDTXtPNVLU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=FJyAhCRFXKVfeqBuWjlN+/ntv5aizMqFz8qjBTGGRVE=; b=W66/MrVnfNNKFCouwuKs1J2lToqLVEBi3fe/u9edOsTRGFuhpviqdNDPVySBRjBag3 BHCun+/u1jUXmG2xo5BzA1aPo+tsNMIRyrqacKBTP8r6PhDVSHPKK8NkFS9P2+Oa7Hzs PGXHMG01/nvwEdngSxh//yx2npU/po56IUtJ4L+PaIlMtSRJTx9Pe6btSQLDHlMjyTaF 44WVQAiv9llLfwKXuKB+4PtnoOzEgbrMBo1Ti0yMvKG00pKZpZDrldMXBHXiqN8XGTXH izbV3UdtTBruG6bILpWjwMudpviuEn1SHSUyG+dy2i1iv0xViE+G7nkzCRkaeMTF11aL GcaA==
X-Gm-Message-State: AKS2vOzYHJrPPc2Cr39waj9exgaebnzil1GALdr7J1745k8+fiizLG6d VkOQtCCulx+34jaejTcOrsQDqwYNLAP5
X-Received: by 10.55.140.71 with SMTP id o68mr71578331qkd.18.1499452837437; Fri, 07 Jul 2017 11:40:37 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.55.128.194 with HTTP; Fri, 7 Jul 2017 11:40:36 -0700 (PDT)
X-Originating-IP: [72.246.0.14]
In-Reply-To: <39bad3e9-2e17-30f6-48a7-a035d449dce7@cs.tcd.ie>
References: <CAPCANN-xgf3auqy+pFfL6VO5GpEsCCHYkROAwiB1u=8a4yj+Fg@mail.gmail.com> <CAL02cgRJeauV9NQ2OrGK1ocQtg-M2tbWm2+5HUc4-Wc8KC3vxQ@mail.gmail.com> <71E07F32-230F-447C-B85B-9B3B4146D386@vigilsec.com> <39bad3e9-2e17-30f6-48a7-a035d449dce7@cs.tcd.ie>
From: Kyle Rose <krose@krose.org>
Date: Fri, 7 Jul 2017 14:40:36 -0400
Message-ID: <CAJU8_nXBFkpncFDy4QFnd6hFpC7oOZn-F1-EuBC2vk3Y6QKq3A@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Russ Housley <housley@vigilsec.com>, Richard Barnes <rlb@ipv.sx>, IETF TLS <tls@ietf.org>, Matthew Green <matthewdgreen@gmail.com>
Content-Type: multipart/alternative; boundary="001a114f885cbbb7820553be912e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/CIaYwhkXiklnkBTeJuWIBeXysro>
Subject: Re: [TLS] draft-green-tls-static-dh-in-tls13-01
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Jul 2017 18:40:41 -0000

On Fri, Jul 7, 2017 at 2:21 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie>;
wrote:

> I find it really hard to believe anyone is convinced of that.
>
> Yes, one could chose to use this proposed wiretapping scheme
> like that but figure 3 in the draft makes if fully clear that
> this colluding or coerced wiretapping device can be anywhere
> on the Internet.
>
> 2804 says "no" here - are you proposing to obsolete that?


I don't think 2804 says any such thing. In fact, it explicitly states that:

q( On the other hand, the IETF believes that mechanisms designed to
     facilitate or enable wiretapping, or methods of using other
     facilities for such purposes, should be openly described, so as to
     ensure the maximum review of the mechanisms and ensure that they
     adhere as closely as possible to their design constraints. The IETF
     believes that the publication of such mechanisms, and the
     publication of known weaknesses in such mechanisms, is a Good
     Thing. )

My reading of 2804 is that the IETF takes no moral position on wiretapping;
recommends against it on technical grounds; and encourages documentation of
proposed or in-use mechanisms for wiretapping for the express purpose of
publicizing the flaws inherent in any such approach.

IMO, an informational draft submitted via the ISE seems completely
appropriate for something like this. I'll add that we've already gotten
good input toward better alternatives on this very thread, which suggests
that having these discussions out in the open is likely to result in better
practical outcomes for user populations that are, one way or the other,
going to be subject to systems like this. Discussing something does not
presuppose or imply agreement on the objectives.

Kyle