Re: [TLS] draft-green-tls-static-dh-in-tls13-01

"Roland Dobbins" <rdobbins@arbor.net> Thu, 20 July 2017 19:51 UTC

From: Roland Dobbins <rdobbins@arbor.net>
To: Carl Mehner <c@cem.me>
Cc: Simon Friedberger <simon.tls@a-oben.org>, "tls@ietf.org" <tls@ietf.org>
Date: Thu, 20 Jul 2017 21:51:15 +0200
Message-ID: <A4022830-17AA-4D94-811A-F548B4008B45@arbor.net>
In-Reply-To: <CAEa9xj66Hzpw1OZRfJT_LqqMRbykrKAFaj7GBRb6a1d1VfUMzA@mail.gmail.com>
References: <CAPCANN-xgf3auqy+pFfL6VO5GpEsCCHYkROAwiB1u=8a4yj+Fg@mail.gmail.com> <CAOjisRxxN9QjCqmDpkBOsEhEc7XCpM9Hk9QSSAO65XDPNegy0w@mail.gmail.com> <CABtrr-XbJMYQ+FTQQiSw2gmDVjnpuhgJb3GTWXvLkNewwuJmUg@mail.gmail.com> <8b502340b84f48e99814ae0f16b6b3ef@usma1ex-dag1mb1.msg.corp.akamai.com> <87o9smrzxh.fsf@fifthhorseman.net> <CAAF6GDc7e4k5ze3JpS3oOWeixDnyg8CK30iBCEZj-GWzZFv_zg@mail.gmail.com> <54cdd1077ba3414bbacd6dc1fcad4327@usma1ex-dag1mb1.msg.corp.akamai.com> <CAAF6GDeSv+T1ww5_nr6NPgg9k44j7y04tJWC=KeaJF7Gtt+TVQ@mail.gmail.com> <9bd78bb6-1640-68f6-e501-7377dd92172f@cs.tcd.ie> <CAAF6GDeGKEBnUZZFXX0y0a2J2+sVg8VaHh-4H9bhN0Zzk-x9uA@mail.gmail.com> <6707e55d-63d3-01e2-4e98-5cc0644e29e0@cs.tcd.ie> <35f4c84c6505493d8035c0eaf8bf6047@usma1ex-dag1mb1.msg.corp.akamai.com> <CAAF6GDcq6_ML3yHSQTy-t5irYLS10VVzk_R+7nAUKqQpgcCkrQ@mail.gmail.com> <a22d69c80d8d4cd2981cd6ede394c96f@usma1ex-dag1mb1.msg.corp.akamai.com> <F533492A-ACF1-498F-A03C-B829DDFFDD36@arbor.net> <8d485710-d55e-28b9-3197-ad2d9880f5eb@a-oben.org> <CAEa9xj66Hzpw1OZRfJT_LqqMRbykrKAFaj7GBRb6a1d1VfUMzA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Jul 2017 19:51:26.8621 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR0101MB1037
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/I4yz_mT2J-xKXNDQVUnA0sGZtKs>
Subject: Re: [TLS] draft-green-tls-static-dh-in-tls13-01
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jul 2017 19:51:31 -0000

On 20 Jul 2017, at 21:21, Carl Mehner wrote:

> It's not an overnight change, but it is a practical one, and one that 
> could end up making these complicated applications that "need" 
> static-key-style decryption work more effectively and efficiently.

The problems of capex, opex, scale, additional complexity, and 
potentially broadening the attack surface via additional inline 
termination are also considerations - these tradeoffs may work for some 
organizations, but don't for many.

Whether or not one can obtain sufficient application/service 
instrumentation is also highly situationally-specific.

-----------------------------------
Roland Dobbins <rdobbins@arbor.net>

[TLS] draft-green-tls-static-dh-in-tls13-01 Matthew Green
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Richard Barnes
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ackermann, Michael
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Watson Ladd
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Russ Housley
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Richard Barnes
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Andrei Popov
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Russ Housley
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Kyle Rose
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Russ Housley
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Russ Housley
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Eric Mill
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Russ Housley
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Russ Housley
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Christian Huitema
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Watson Ladd
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ackermann, Michael
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Timothy Jackson
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Yoav Nir
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ackermann, Michael
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ackermann, Michael
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Tony Arcieri
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ackermann, Michael
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Watson Ladd
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Jeremy Harris
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Russ Housley
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Richard Barnes
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Watson Ladd
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Nico Williams
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Nick Sullivan
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Jacob Hoffman-Andrews
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dave Garrett
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Shumon Huque
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dave Garrett
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Zink
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Colm MacCárthaigh
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Eric Mill
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Checkoway
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Nico Williams
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Joseph Lorenzo Hall
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Yoav Nir
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Blumenthal, Uri - 0553 - MITLL
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Melinda Shore
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ted Lemon
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Kathleen Moriarty
[TLS] Fwd: draft-green-tls-static-dh-in-tls13-01 Watson Ladd
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Jeffrey Walton
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Daniel Kahn Gillmor
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Daniel Kahn Gillmor
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ted Lemon
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ted Lemon
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Yoav Nir
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ted Lemon
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ilari Liusvaara
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ted Lemon
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ted Lemon
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Nick Sullivan
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Daniel Kahn Gillmor
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Daniel Kahn Gillmor
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Kyle Rose
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Kyle Rose
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Kyle Rose
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ackermann, Michael
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ackermann, Michael
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Kathleen Moriarty
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ted Lemon
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Kathleen Moriarty
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ackermann, Michael
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Colm MacCárthaigh
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ackermann, Michael
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Watson Ladd
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Watson Ladd
Re: [TLS] Fwd: draft-green-tls-static-dh-in-tls13… Roland Zink
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ackermann, Michael
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Zink
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Zink
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Zink
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ilari Liusvaara
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Zink
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Zink
Re: [TLS] Fwd: draft-green-tls-static-dh-in-tls13… Watson Ladd
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Colm MacCárthaigh
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Daniel Kahn Gillmor
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Watson Ladd
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Peter Gutmann
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Colm MacCárthaigh
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ilari Liusvaara
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Melinda Shore
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Stephen Farrell
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Colm MacCárthaigh
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Colm MacCárthaigh
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ted Lemon
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Colm MacCárthaigh
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Kathleen Moriarty
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Wartan Hachaturow
Re: [TLS] Fwd: draft-green-tls-static-dh-in-tls13… Roland Zink
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ackermann, Michael
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ackermann, Michael
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Mark Nottingham
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Daniel Kahn Gillmor
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Melinda Shore
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Tom Ritter
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Blumenthal, Uri - 0553 - MITLL
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Yoav Nir
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Yoav Nir
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Salz, Rich
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Yoav Nir
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Benjamin Kaduk
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Benjamin Kaduk
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Blumenthal, Uri - 0553 - MITLL
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Blumenthal, Uri - 0553 - MITLL
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Watson Ladd
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Watson Ladd
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Colm MacCárthaigh
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Blumenthal, Uri - 0553 - MITLL
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Colm MacCárthaigh
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Blumenthal, Uri - 0553 - MITLL
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Watson Ladd
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Blumenthal, Uri - 0553 - MITLL
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Dobbins, Roland
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Watson Ladd
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Blumenthal, Uri - 0553 - MITLL
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Ted Lemon
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Watson Ladd
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Simon Friedberger
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Carl Mehner
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Roland Dobbins
Re: [TLS] draft-green-tls-static-dh-in-tls13-01 Simon Friedberger