IETF Logo Mail Archive

Re: [TLS] TLS and middleboxes again

Yaron Sheffer <yaronf.ietf@gmail.com> Fri, 26 August 2011 20:03 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3925C21F8BA6 for <tls@ietfa.amsl.com>; Fri, 26 Aug 2011 13:03:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.224
X-Spam-Level:
X-Spam-Status: No, score=-103.224 tagged_above=-999 required=5 tests=[AWL=-0.376, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, SARE_OBFU_ALL=0.751, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GgHyPBYaH99M for <tls@ietfa.amsl.com>; Fri, 26 Aug 2011 13:03:26 -0700 (PDT)
Received: from mail-ww0-f44.google.com (mail-ww0-f44.google.com [74.125.82.44]) by ietfa.amsl.com (Postfix) with ESMTP id 6077921F8AFB for <tls@ietf.org>; Fri, 26 Aug 2011 13:03:26 -0700 (PDT)
Received: by wwf5 with SMTP id 5so2603503wwf.13 for <tls@ietf.org>; Fri, 26 Aug 2011 13:04:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=xXQ/vtAhD3ODjNoIvJ6sc+vLU+q79hyAGh2l5R3Vx2s=; b=oWD+9KerhtyOpYApGufMywIcTIyfXhKf6qLPaKeTKjq+YWrZOmbx6FZVN8nd534Bcr TpUev/XBnOFsbJwDswmbSplDrpH4RwWYKRFj8TRiP/wkvA6PZ5JN7y2jmC7hcrQ5xFD7 /XtgUl2zOU+ebx0VUaNjtinGURCoKJpRCHyhM=
Received: by 10.227.37.87 with SMTP id w23mr1313633wbd.55.1314389082709; Fri, 26 Aug 2011 13:04:42 -0700 (PDT)
Received: from [10.0.0.3] (bzq-79-181-242-252.red.bezeqint.net [79.181.242.252]) by mx.google.com with ESMTPS id n20sm1568900wbh.33.2011.08.26.13.04.40 (version=SSLv3 cipher=OTHER); Fri, 26 Aug 2011 13:04:41 -0700 (PDT)
Message-ID: <4E57FC4B.3080809@gmail.com>
Date: Fri, 26 Aug 2011 23:04:27 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:6.0) Gecko/20110812 Thunderbird/6.0
MIME-Version: 1.0
To: tls@ietf.org
References: <mailman.69.1314385218.21832.tls@ietf.org>
In-Reply-To: <mailman.69.1314385218.21832.tls@ietf.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [TLS] TLS and middleboxes again
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Aug 2011 20:03:27 -0000

Hi Uri,

two reasons for the middlebox to use the MAC (which may or may not be 
"justifiable" to you) are:

- Many security applications add a textual signature similar to "This 
mail was scanned by The Best Antivirus".
- If something bad is detected in the traffic, the middlebox might want 
to issue an HTTP redirect, e.g. to display a copy of the company's 
security policy.

And I like Nikos' idea of having a different MAC for middlebox-generated 
traffic. Although sharing the middlebox-specific MAC with the individual 
middlebox AND with the server, while not sharing it with other 
middleboxes along the path (yes the draft assumes there could be 
several) would be a challenge.

Thanks,
     Yaron

On 26.8.2011 22:00, tls-request@ietf.org wrote:
>
> ------------------------------
>
> Message: 4
> Date: Fri, 26 Aug 2011 12:11:44 -0400
> From: "Blumenthal, Uri - 0668 - MITLL"<uri@ll.mit.edu>
> To: "'nmav@gnutls.org'"<nmav@gnutls.org>, "'juhovh@iki.fi'"
> 	<juhovh@iki.fi>
> Cc: "'tls@ietf.org'"<tls@ietf.org>
> Subject: Re: [TLS] TLS and middleboxes again
> Message-ID:<20110826161051.85A8921F850E@ietfa.amsl.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> There COULD be justifiable need to observe the traffic and thus to share the encryption key. At this time I see _no_ justifiable need to modify the traffic and thus believe that the MAC key must not be shared with the third parties.
>
> If there's something wrong with the content - force the connection to close/abort.
>
> --
> Regards,
> Uri
>
> ----- Original Message -----
> From: Nikos Mavrogiannopoulos [mailto:nmav@gnutls.org]
> Sent: Friday, August 26, 2011 11:37 AM
> To: Juho V?h?-Herttua<juhovh@iki.fi>
> Cc: tls@ietf.org<tls@ietf.org>
> Subject: Re: [TLS] TLS and middleboxes again
>
> On 08/26/2011 12:53 PM, Juho V?h?-Herttua wrote:
>
>>> A few comments:
>>> - On top of the encryption keys, we probably need to support sending
>>> the MAC keys. Subject to client and server policy of course.
>> I have no reason to support sending the MAC keys, and letting the proxy
>> to modify the actual contents of the connection sounds a bit scary to
>> me... What's the actual use case for this? I'm sure there's some, but I
>> can't think of anything sensible right now. Basically sharing the MAC
>> keys would make it similar with the certificate MitM attack currently used.
> Or maybe a different MAC key is provided to the middle box, which will
> use this to rewrite a MAC message (and tag it with a different
> content-type such as modified-record).
>
> That way the client will know whether the packet received is original
> or modified.
>
>
> regards,
> Nikos
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
>
> ------------------------------
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
>
> End of TLS Digest, Vol 85, Issue 19
> ***********************************

v2.23.0 | Report a Bug | By Email