Re: [TLS] draft-green-tls-static-dh-in-tls13-01

Colm MacCárthaigh <> Sun, 09 July 2017 06:05 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 64B1C127369 for <>; Sat, 8 Jul 2017 23:05:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id fKQA2aCBb3m4 for <>; Sat, 8 Jul 2017 23:04:58 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4002:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9C0F812009C for <>; Sat, 8 Jul 2017 23:04:58 -0700 (PDT)
Received: by with SMTP id p207so20353155yba.2 for <>; Sat, 08 Jul 2017 23:04:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=NRA/6v32h5xy0SROXZDuf1SnH8hVNQq2MfIqtGi6D3Y=; b=tIpl4UXu8SEVyVwQmaJQMeyW++2shggsM/XhjCSOrkSIJDbnCcSQskNC/mBmMprmIJ KqsNCpHgK+UpidLivRXEGyYdXoGseHdg9S6eBPpnV4Ch4xsb75aQpmqRdjIICIe2BJ/m Kpf3XL4MqRrOvHar+PcSXV3+ADSj8gbHAJJWhMfS4WjtwmvR/pPoawBfOJebyd0ZTj+I z1tJnYFihows09wZNu65/YHF0iDpbCw8W7ZoLYEOnAZuitUJKdoF8BogkgFL0jcE6f8O LG1KHt3yHAqhxBqWQfkLsj+IzZzYxNe5qBGQiEeqVXikoXcmO5wexRoIT10TVvje3YLL fWSw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=NRA/6v32h5xy0SROXZDuf1SnH8hVNQq2MfIqtGi6D3Y=; b=N9/xMrMrhykdJtt/5m/v1DXkx7xljc6e9riCgQf1UXDZ2ms5gwBAaTKLAl1fuyzlVy 6LtiZz87+Z/razldhIqKQfos3lzLLb13Ii0E/eNQL2JPwIiVSsWpl1wAxwRkTrDqEkDR fwzGlUr72Rn91OO5FtM3XdDq6d+hSKvPFsEZraMCs2bx7VSnlINlTJKMVi78X/YHXRoJ YKbCjImdr0XC7SNrvpTdQyWK3vBZCfNNNiyEiGJgGhElAsh5LG0CsEzS5aQekvaJKJvS JnHNMRjJHo9yNzZ1vXIKPGDhgxXXAmbvsVzFY12NlF1lSnJkFtMUxTWRSW1mjG+CavsQ 2fEw==
X-Gm-Message-State: AIVw110fh3txkH6mKqsCcVq19rw1KLk6Df3UGnV1Gbunc2AXaqyqc8Bj crWrg/8Bl5AK90WeEw4gN1YnK2kYiSgc
X-Received: by with SMTP id h63mr2025400ybg.163.1499580297726; Sat, 08 Jul 2017 23:04:57 -0700 (PDT)
MIME-Version: 1.0
Received: by with HTTP; Sat, 8 Jul 2017 23:04:56 -0700 (PDT)
In-Reply-To: <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <>
From: =?UTF-8?Q?Colm_MacC=C3=A1rthaigh?= <>
Date: Sat, 8 Jul 2017 23:04:56 -0700
Message-ID: <>
To: Watson Ladd <>
Cc: Yoav Nir <>, "" <>
Content-Type: multipart/alternative; boundary="94eb2c0553ccf571960553dc3e94"
Archived-At: <>
Subject: Re: [TLS] draft-green-tls-static-dh-in-tls13-01
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 09 Jul 2017 06:05:00 -0000

On Sat, Jul 8, 2017 at 9:27 AM, Watson Ladd <> wrote:
> > They also don’t want to install TLS proxies all over the place.  That’s a
> > large extra expense for them.
> Nginx exists. What's the blocker?

Here's how these networks work today:

* Key servers are configured to use RSA KX, no DH.
* In some cases, all outbound (e.g. internet) connectivity is also proxied
via such a server. Clients are made to trust a private CA for this purpose.
* All data is not necessarily logged or stored somewhere, and almost
certainly not in the plain, as that would increase over-all risk.
* Admins use port-mirrors and tools like tcpdump to investigate/scan
suspicious flows from time to time, or as part of a targeted investigation.
Occasionally it might also be used for debugging. The RSA keys can be used
to render the connections plain on demand.
* That doesn't mean that the RSA private keys are readily available, they
are often very tightly controlled.

Migrating to proxies would:

* Be a very big operational change. Gotta get nginx on all of the boxes, is
that even possible?
* Completely change the access mechanisms, invalidate almost all of the
operational controls.
* Probably more than double the basic compute costs associated with
* Create more sensitive environments where plaintext is floating around.

That doesn't mean that these vendors/operators are owed a solution, or an
easy-to-insert more-or-less-compatible-with-today mechanism. But it does
help assess whether they are really likely to adopt TLS1.3 to begin with.