Re: [TLS] Malware (was Re: draft-green-tls-static-dh-in-tls13-01)

"Dobbins, Roland" <rdobbins@arbor.net> Mon, 17 July 2017 12:07 UTC

From: "Dobbins, Roland" <rdobbins@arbor.net>
To: Martin Thomson <martin.thomson@gmail.com>
CC: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "tls@ietf.org" <tls@ietf.org>
Date: Mon, 17 Jul 2017 12:07:50 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Lg5bA6FPzJ8-ZMb-irFj2CXBRis>


On Jul 17, 2017, at 14:01, Martin Thomson <martin.thomson@gmail.com> wrote:

> My point was that you
> don't get that visibility when it is malware at both ends of the
> connection (assuming a modest amount of competency from the authors).

Seeing it when it's only at one end is quite useful.

And, yes, one does often see it at both ends. Assuming competence on the part of the authors is unwarranted.

Why do you persist in treating this technology as theoretical & ineffective, when it's been in use quite effectively for many years?

Network operators have been doing this for a long time - because it works.

-----------------------------------
Roland Dobbins <rdobbins@arbor.net>