IETF Logo Mail Archive

[TLS]Re: Trust Anchor Negotiation Surveillance Concerns and Risks

Mike Shaver <mike.shaver@gmail.com> Mon, 22 July 2024 16:57 UTC

Return-Path: <mike.shaver@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E2583C14F71F for <tls@ietfa.amsl.com>; Mon, 22 Jul 2024 09:57:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vbwaaMCTtk8Y for <tls@ietfa.amsl.com>; Mon, 22 Jul 2024 09:57:24 -0700 (PDT)
Received: from mail-oi1-x230.google.com (mail-oi1-x230.google.com [IPv6:2607:f8b0:4864:20::230]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7C427C151078 for <tls@ietf.org>; Mon, 22 Jul 2024 09:57:24 -0700 (PDT)
Received: by mail-oi1-x230.google.com with SMTP id 5614622812f47-3d9dfc7c5f6so2077940b6e.0 for <tls@ietf.org>; Mon, 22 Jul 2024 09:57:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1721667443; x=1722272243; darn=ietf.org; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=sDavGjjZmaWB4eXxylP8DsNDghTq0/W4QvKdt6wVwsA=; b=Lc6UATn0soB/64C+myDv4t6Tft6RTVK86/qlJIhObd9ScmkS599QvXKvdLmPaLMtZk 5rykZcduACzINOiUK0UUnTmxxgd+acBBBiQUF1CbiDoRt6fgYbGQeNK2Fp6dJEzj26G9 Iqx2px/kHxwkxmkvnWZL3Jr4WS+pTITOymnqPgH+CqIPVpZX/9NiiFouiayEI+9YJQKW vBc970vgFwNekzIpUcKJZsqgwFSy1/Hj8NAsmoCNWFvo10Aitubcph/eb5PSCJUsDuy8 i6LTaNC2or4erWtc9gFfpFJhbRvG0JB/vqXNAjddX+0BBiU/eORsym4j7+UG7gUfIWjS WJfA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721667443; x=1722272243; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=sDavGjjZmaWB4eXxylP8DsNDghTq0/W4QvKdt6wVwsA=; b=KRg0LXor10Y5wRlJ0NM07x3OrQp6NuCjxxD+9FjtP4ujaMOnggL4SWp87RXPKC+d8I eiRtLzpyMUThF+Z5yePqDvjOhSVSYaNVVtb5XK7mPh5bDxhTVYgwQJQ8wONzjle7npTa KQ/U4nbcd7YqSWUVNQ7CAaPiWRGUUo6nkqcof1REv2B7Y13uw/V4M/ZZ3b+RG5GoBgy/ KYjnUBS1BY58BRqLsrCQOrwMqyaakKWBAL3W4djxBLvZpecKzrQXjD8vd/Zpj5RbJH1W Dby9R68wq2SE/3rerOoRUScdsG0wY8OAPdOeStFC7gBefaktahrwQSnUSjHl6NFCfB7h f05g==
X-Forwarded-Encrypted: i=1; AJvYcCWmc8+yx3TznsK1eiMkZcTnWeUXtR4HFH+g9UxLQjfwU5822W2kk1Q5hP+uKa7n0EGmMfZ1us4oXR9SLCE=
X-Gm-Message-State: AOJu0Yzvomosil8yS0I/wlNNdj1f/7WHN1WaxcG6hH+fUEuJQQ3U0H8e 0Ci33Q9sMrsw1NWknWiZkBPWGL/JGHLOTStuQNlrn5KiGH1OGIWyvP1syKFjMAqzp+a+azxd3ZV AvNpewlq/XUJT2Z/6Hc32mMhBvOo=
X-Google-Smtp-Source: AGHT+IGkJEI3ysc0UxxazdzhMZIBqse55Z1XgJlA4oaODQF3jLfeb1GmX/cfojF45cL0P1DowVT0pGmm9b7htbWH868=
X-Received: by 2002:a05:6808:2106:b0:3d2:1da4:af64 with SMTP id 5614622812f47-3dae5fcd79dmr12959208b6e.12.1721667442635; Mon, 22 Jul 2024 09:57:22 -0700 (PDT)
MIME-Version: 1.0
References: <CAD2nvsT4qWqudiv1C1wZn6rB4_s-9EDENq5TXEbxr_ygcMFjDQ@mail.gmail.com> <CAChr6Sw+gxK3dO29F9bsLTQReJz6LzT2hZb5O7LAXmKzQbKTSw@mail.gmail.com> <CACf5n7_29CNXLf+SmpKKOWkc_3Oi2BZqZ8irU+z=3btJns_1-Q@mail.gmail.com> <CAChr6SxJ3r88a4Aehv_5fsSWb1JApV6Lg4hfwdm0Oh5x04_shQ@mail.gmail.com> <479BA457-9001-4EBC-A84F-9E3EB71E809F@akamai.com> <CACsn0cmhsh-zeJOaa7xy_2crxgvhAF=nK9FqWxxf1dB2SMhMyQ@mail.gmail.com> <Zpu0reBpH3dtFYdf@LK-Perkele-VII2.locald> <CADQzZqtsj272Gt771Ef=VhS2+WvWKkct0Jx1=wmyS7kTu0ds1w@mail.gmail.com> <CAF8qwaB3VuWSYTi-gH99+N_cgi1ZAdMpzhrSE4=KTD5xbQMwXA@mail.gmail.com> <CADQzZqtyCQwQR2WPrBdqGGUm_tvZ7Akra5z9vqJ30x9vWBtxew@mail.gmail.com> <CAF8qwaDt-vhUb-E48874QLKe-YOc3xzC4VsArzYf_BGREz0+QQ@mail.gmail.com>
In-Reply-To: <CAF8qwaDt-vhUb-E48874QLKe-YOc3xzC4VsArzYf_BGREz0+QQ@mail.gmail.com>
From: Mike Shaver <mike.shaver@gmail.com>
Date: Mon, 22 Jul 2024 12:57:12 -0400
Message-ID: <CADQzZqvw0Phv1oa--C6HSZJpKkG899v36g-xXrwyiKpM8cyYJw@mail.gmail.com>
To: David Benjamin <davidben@chromium.org>, TLS List <tls@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000056fb3b061dd8f04f"
Message-ID-Hash: 7FPDFEGORDDFT5DBM7BZUKS43VKZHRZC
X-Message-ID-Hash: 7FPDFEGORDDFT5DBM7BZUKS43VKZHRZC
X-MailFrom: mike.shaver@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [TLS]Re: Trust Anchor Negotiation Surveillance Concerns and Risks
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/G2cgruGEECZJelMxNFDLXczhAaQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

On Mon, Jul 22, 2024 at 12:52 PM David Benjamin <davidben@chromium.org>
wrote:

> I say sometimes because this is not always viable. It's a more indirect
> way of addressing the root issue, so there are some limitations. First,
> this requires foresight on the part of the service operator and client
> vendor. If everyone knew ahead of time that the client might diverge (e.g.
> by way of standing still while the ecosystem moves), then one might set
> this up. But this is a perennial problem *because* people empirically do
> not know ahead of time. Or perhaps the vendor even intended to continue
> servicing their IoT devices, went out of business, but enough folks bought
> them and continue to happily use them that some other service provider does
> not wish to abandon them.
>
> We can try to help this by encouraging such foresight as best practice,
> but it takes just one important client of one important server to gum up
> the works. Trust anchor negotiation, if successful, provides a solution
> that doesn't require as much deployment-level foresight. (If the IoT device
> can negotiate trust anchors, it's easy. If it can't, the clients that *do* negotiate
> trust anchors can still evolve freely and do not add to the PKI
> intersection problem.)
>

Yep, I absolutely look forward to a web where we have this sort of
capability, either on endpoints themselves or even managed by a more-modern
intermediary. I’m not informed enough to comment on the protocol elements
of the specific Trust Anchor proposal, but I agree that more PKI agility
will be healthy.

Fundamentally, the TLS implementation community will be pushing this
agility into endpoints by default, which means that it would take active
divergence by a system implementor to create the sort of TBTF systems that
impede trust changes today.

Mike

v2.36.0 | Report a Bug | By Email | System Status