Re: [TLS] TLS Proxy Server Extension
Matt McCutchen <matt@mattmccutchen.net> Tue, 02 August 2011 16:31 UTC
Return-Path: <matt@mattmccutchen.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2453F21F8559 for <tls@ietfa.amsl.com>; Tue, 2 Aug 2011 09:31:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r8DrKl5Rwoc9 for <tls@ietfa.amsl.com>; Tue, 2 Aug 2011 09:31:16 -0700 (PDT)
Received: from homiemail-a10.g.dreamhost.com (caiajhbdcagg.dreamhost.com [208.97.132.66]) by ietfa.amsl.com (Postfix) with ESMTP id 68B2221F854C for <tls@ietf.org>; Tue, 2 Aug 2011 09:31:09 -0700 (PDT)
Received: from homiemail-a10.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a10.g.dreamhost.com (Postfix) with ESMTP id 1B34C280076; Tue, 2 Aug 2011 09:31:18 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; c=nofws; d=mattmccutchen.net; h=subject:from :to:cc:in-reply-to:references:content-type:date:message-id :mime-version:content-transfer-encoding; q=dns; s= mattmccutchen.net; b=mcXlWQXsAIM5sRdFwUiWAJ3SyUSNFq+3NDbyXuZwVJT zAhdDnCi7iyZvKwe+ftcVmVPHpSppLg2RRukSWcWR0GWdet2dg6qwibueV0Fez5n wxDUhk/xUXzFEThvrBWAG9avHp7seLq8McO2skuiDrzpSi/lqMeqIJuKHaojIwXQ =
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=mattmccutchen.net; h= subject:from:to:cc:in-reply-to:references:content-type:date :message-id:mime-version:content-transfer-encoding; s= mattmccutchen.net; bh=WozRcOc1GAs0YipTlukBezhWoXQ=; b=rYkIMym8Xf Si7gHZHWWtenf3Agao6ub81HHsbKujHGw4gg+Ylv6MZ4nIVllkvmq6zH1nAdd6ch 1w+Sm9fTY23v3kdibrVRvJkpXiXqeA2osaS395IRL5fIS9qFcWjcIygk8qiWTUzO hjasRsBcjozAxBHE24pMrBVmWMz+93tgc=
Received: from [10.5.0.146] (unknown [192.80.55.242]) (using SSLv3 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: matt@mattmccutchen.net) by homiemail-a10.g.dreamhost.com (Postfix) with ESMTPSA id 7D71828006F; Tue, 2 Aug 2011 09:31:17 -0700 (PDT)
From: Matt McCutchen <matt@mattmccutchen.net>
To: Yoav Nir <ynir@checkpoint.com>
In-Reply-To: <EF0AF8BF-F940-4CF0-8077-8BFFBB18C3C5@checkpoint.com>
References: <201108012038.p71KcVDj004957@fs4113.wdf.sap.corp> <568A2EE4-21EF-4BD4-BF0E-84D918D0FB76@cisco.com> <EF0AF8BF-F940-4CF0-8077-8BFFBB18C3C5@checkpoint.com>
Content-Type: text/plain; charset="UTF-8"
Date: Tue, 02 Aug 2011 12:31:16 -0400
Message-ID: <1312302676.2174.31.camel@localhost>
Mime-Version: 1.0
X-Mailer: Evolution 2.32.3
Content-Transfer-Encoding: 7bit
Cc: tls@ietf.org
Subject: Re: [TLS] TLS Proxy Server Extension
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Aug 2011 16:31:17 -0000
On Tue, 2011-08-02 at 09:19 +0300, Yoav Nir wrote: > Decryption-only through sharing of keys would not work. Some of the > processing to be done cannot be done by a passive eavesdropper. For > example, if you send me an MS-Word document to my gmail account, and I > would like to download it, the way to check for malware is for the > proxy to download the entire file, scan it for malware, and then > forward it to my computer. A passive eavesdropper would finish > collecting the file too late - by then I already have it. An active > proxy is necessary. You are confusing layers. TLS relies on the flow control of the underlying stream. The proxy would have to split the TCP connection in order to collect the entire file, but it would ultimately send the collected TLS records on to the client verbatim, so the TLS-level behavior would be passive. > I think he's missing the baseline. The baseline is that TLS proxies > work well enough that companies deploy then. Even in Europe. There are > some downsides to using them: client certificates and PSK suites don't > work. Certificate and CA pinning don't work. The user cannot verify > the actual server certificate chain. The EV indication is gone. But > all these are not blocking administrators from deploying TLS proxies. > They may be blocking sites from using client certificates or PSK > suites, although there are plenty of other things blocking those (but > that's from another thread) > > This extension may help with those deficiencies. With or without the > extension, the existence (or possibility) of the proxy is visible to > the user, because you need to install a CA certificate. A user can > choose not to use the corporate network for accessing HTTPS sites > where he's not comfortable with having the content inspected. The fact > that the server is not similarly given a choice may be a problem, but > that is a property of using TLS without client authentication. The > extension can help, but only if the proxy uses it. All agreed. A person using a corporate laptop has no expectation of privacy from the company. The proxy extension just offers a technically more capable solution for that scenario. No one is proposing, per se, that TLS interception be used in any more places than it is now. Of course, interception may now be used in places where it was always desired but could not be used before due to protocol issues. However, it's hard to believe that the proxy extension would change the market and/or legal forces that currently restrain ISPs from routinely intercepting customer traffic, if that is what Martin is worried about. The TLS WG may have a personal distaste for the use case addressed by the extension. But I would reason that the use case is valid, thus the extension is worthy of standardization to get interoperable implementations, and the TLS WG is the best venue available for technical discussion. As David explained (https://www.ietf.org/mail-archive/web/tls/current/msg07920.html), the use case does not constitute wiretapping as defined in RFC 2804. -- Matt
- [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension Yngve N. Pettersen
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension Yoav Nir
- Re: [TLS] TLS Proxy Server Extension Yoav Nir
- Re: [TLS] TLS Proxy Server Extension Adam Langley
- Re: [TLS] TLS Proxy Server Extension Yoav Nir
- Re: [TLS] TLS Proxy Server Extension Adam Langley
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension Matt McCutchen
- [TLS] Certificate pins vs. MITM proxies Matt McCutchen
- Re: [TLS] TLS Proxy Server Extension Martin Rex
- Re: [TLS] TLS Proxy Server Extension Matt McCutchen
- Re: [TLS] TLS Proxy Server Extension Matt McCutchen
- Re: [TLS] TLS Proxy Server Extension Martin Rex
- Re: [TLS] TLS Proxy Server Extension Marsh Ray
- Re: [TLS] TLS Proxy Server Extension Yoav Nir
- Re: [TLS] TLS Proxy Server Extension Marsh Ray
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension Martin Rex
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension Martin Rex
- Re: [TLS] TLS Proxy Server Extension Martin Rex
- Re: [TLS] TLS Proxy Server Extension Marsh Ray
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension Marsh Ray
- Re: [TLS] TLS Proxy Server Extension Yoav Nir
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension Yoav Nir
- Re: [TLS] TLS Proxy Server Extension Marsh Ray
- Re: [TLS] TLS Proxy Server Extension Martin Rex
- Re: [TLS] TLS Proxy Server Extension Martin Rex
- Re: [TLS] TLS Proxy Server Extension Martin Rex
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension Martin Rex
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension Yoav Nir
- Re: [TLS] TLS Proxy Server Extension Anders Rundgren
- Re: [TLS] TLS Proxy Server Extension Yoav Nir
- Re: [TLS] TLS Proxy Server Extension Ken Peirce
- Re: [TLS] TLS Proxy Server Extension Peter Gutmann
- Re: [TLS] TLS Proxy Server Extension Matt McCutchen
- Re: [TLS] TLS Proxy Server Extension Martin Rex
- Re: [TLS] TLS Proxy Server Extension Joshua Davies
- Re: [TLS] TLS Proxy Server Extension Yoav Nir
- Re: [TLS] TLS Proxy Server Extension Ken Peirce
- Re: [TLS] TLS Proxy Server Extension Philip Gladstone
- Re: [TLS] TLS Proxy Server Extension Kemp, David P.
- Re: [TLS] TLS Proxy Server Extension David McGrew
- Re: [TLS] TLS Proxy Server Extension Ralph Holz