Re: [TLS] TLS client puzzles

Dave Garrett <davemgarrett@gmail.com> Thu, 07 July 2016 00:33 UTC

From: Dave Garrett <davemgarrett@gmail.com>
To: tls@ietf.org
Date: Wed, 06 Jul 2016 20:33:19 -0400
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/MwlctVOIbQqpQS5EzgfttpOqfck>
Cc: Dmitry Khovratovich <khovratovich@gmail.com>
Subject: Re: [TLS] TLS client puzzles

On Wednesday, July 06, 2016 04:23:23 pm Hannes Tschofenig wrote:
> (And note that I am not saying that IoT devices aren't used for DDoS
> attacks.)

For that matter, I feel like IoT is a larger DDoS risk in the long term than other arenas. A botnet of bazillions of little widgets with Internet access and no updates and distributed widely would be an even greater PITA to deal with than we've had in the past. IoT being currently incapable of attempting to use this system almost feels like a feature, rather than a bug.


Dave