[TLS] NIST on addressing visibility challenges with TLS 1.3
"Salz, Rich" <rsalz@akamai.com> Tue, 28 September 2021 16:54 UTC
Return-Path: <rsalz@akamai.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 5F0983A34A0
for <tls@ietfa.amsl.com>; Tue, 28 Sep 2021 09:54:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.55
X-Spam-Level:
X-Spam-Status: No, score=-2.55 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.452, DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id WmjpFzw4Albr for <tls@ietfa.amsl.com>;
Tue, 28 Sep 2021 09:54:04 -0700 (PDT)
Received: from mx0b-00190b01.pphosted.com (mx0b-00190b01.pphosted.com
[IPv6:2620:100:9005:57f::1])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id A0EE03A34A3
for <tls@ietf.org>; Tue, 28 Sep 2021 09:54:04 -0700 (PDT)
Received: from pps.filterd (m0122330.ppops.net [127.0.0.1])
by mx0b-00190b01.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 18SFNRte009862
for <tls@ietf.org>; Tue, 28 Sep 2021 17:54:03 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com;
h=from : to : subject :
date : message-id : content-type : mime-version; s=jan2016.eng;
bh=N0fPE+FbQRipxBGAiDUbYJaFaOcAn1Mf+S/jtcdPOa4=;
b=XABf822Fv6XYgNOV48AXifyl3cnNML4VLADY2kWrCzltkpebdn23IfJd84G/rzgjry7U
fmFB1ndjA8wSDnOXkrN8BhBe4RCKqsg+lY715fni7XikSpo27L8bV5NuB7p8YR3gYfdi
8e+H5d56pAnB6NrI65hNyYRn+q3nazHNtGCkn9Z1BFUFqUKE0W2uDrXKcByx6PQpcPSU
mrBsph3MCrdNKNMETMhqt6hbVaSvso5J/oO+KEUlaH0ws/D5Lerq91I6qWLl3fMFT0cN
I11ziibLjfxTEKutD43Ky2gH+V9iv3RsrxYrlsRGo0dkE/XsEHoJ2VfKpoO5+8+dE38c mA==
Received: from prod-mail-ppoint6 (prod-mail-ppoint6.akamai.com [184.51.33.61]
(may be forged))
by mx0b-00190b01.pphosted.com with ESMTP id 3bc5nb9xkk-1
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
for <tls@ietf.org>; Tue, 28 Sep 2021 17:54:03 +0100
Received: from pps.filterd (prod-mail-ppoint6.akamai.com [127.0.0.1])
by prod-mail-ppoint6.akamai.com (8.16.1.2/8.16.1.2) with SMTP id
18SGniY6012466 for <tls@ietf.org>; Tue, 28 Sep 2021 12:53:57 -0400
Received: from email.msg.corp.akamai.com ([172.27.123.33])
by prod-mail-ppoint6.akamai.com with ESMTP id 3b9y3ydbdu-1
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
for <tls@ietf.org>; Tue, 28 Sep 2021 12:53:57 -0400
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com (172.27.123.101) by
usma1ex-dag1mb4.msg.corp.akamai.com (172.27.123.104) with Microsoft SMTP
Server (TLS) id 15.0.1497.23; Tue, 28 Sep 2021 12:53:56 -0400
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com ([172.27.123.101]) by
usma1ex-dag1mb1.msg.corp.akamai.com ([172.27.123.101]) with mapi id
15.00.1497.023; Tue, 28 Sep 2021 12:53:56 -0400
From: "Salz, Rich" <rsalz@akamai.com>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: NIST on addressing visibility challenges with TLS 1.3
Thread-Index: AQHXtIls+gKhW8yQV06XW9UFy4x/RQ==
Date: Tue, 28 Sep 2021 16:53:56 +0000
Message-ID: <5987C38E-8FEA-441D-8975-ABB9906276BA@akamai.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.53.21091200
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.27.164.43]
Content-Type: multipart/alternative;
boundary="_000_5987C38E8FEA441D8975ABB9906276BAakamaicom_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790
definitions=2021-09-28_05:2021-09-28,
2021-09-28 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 adultscore=0
bulkscore=0
mlxlogscore=632 suspectscore=0 malwarescore=0 mlxscore=0 phishscore=0
spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1
engine=8.12.0-2109230001 definitions=main-2109280098
X-Proofpoint-ORIG-GUID: _XvebkHUWSgAOfuliz7-Lhpp_0teXVCk
X-Proofpoint-GUID: _XvebkHUWSgAOfuliz7-Lhpp_0teXVCk
X-Proofpoint-Virus-Version: vendor=baseguard
engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.391,FMLib:17.0.607.475
definitions=2021-09-28_05,2021-09-28_01,2020-04-07_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 adultscore=0
mlxlogscore=593
phishscore=0 lowpriorityscore=0 priorityscore=1501 malwarescore=0
bulkscore=0 impostorscore=0 mlxscore=0 suspectscore=0 clxscore=1015
spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1
engine=8.12.0-2109230001 definitions=main-2109280099
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/HG1D7oGXmXBtk6SuPRqiGk6x604>
Subject: [TLS] NIST on addressing visibility challenges with TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working
group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>,
<mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>,
<mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Sep 2021 16:54:10 -0000
This will be of interest to some on this list. Quoting: “The NCCoE at NIST recognizes the challenges associated with compliance, operations, and security when enterprises employ encrypted protocols, in particular Transport Layer Security (TLS) 1.3, in their data centers. This project will use commercially available technologies to demonstrate a range of approaches for enabling necessary intra-enterprise access to unencrypted/decrypted information. “ More at https://www.nccoe.nist.gov/projects/building-blocks/applied-cryptography/addressing-visibility-challenges-tls-13 including how to participate.
- [TLS] NIST on addressing visibility challenges wi… Salz, Rich
- Re: [TLS] NIST on addressing visibility challenge… Deirdre Connolly
- Re: [TLS] NIST on addressing visibility challenge… Stephen Farrell
- Re: [TLS] NIST on addressing visibility challenge… Rob Sayre
- Re: [TLS] NIST on addressing visibility challenge… Tony Rutkowski
- Re: [TLS] NIST on addressing visibility challenge… Ruslan N. Marchenko
- Re: [TLS] NIST on addressing visibility challenge… Rob Sayre
- Re: [TLS] NIST on addressing visibility challenge… Tony Rutkowski
- Re: [TLS] NIST on addressing visibility challenge… Stephen Farrell
- Re: [TLS] NIST on addressing visibility challenge… Tony Rutkowski
- Re: [TLS] NIST on addressing visibility challenge… Christopher Wood