Re: [TLS] Sabotage?

Kathleen Moriarty <> Sat, 12 September 2020 21:05 UTC

Hi Mike,

This is a pretty big topic that’s been explored quite a bit.  The long-term impact of these changes could be very positive.  I just published a book on the topic of embracing E2E among other topics after exploring the impact on operators in RFC 8404.  In other words, both directions were explored to reach a possible way forward with increased security and how to get the control/visibility in order to embrace these changes.

I’m happy to talk more, but fear the length of a thread on this list and may not keep up with it given my current workload.

Best regards,

Sent from my mobile device

> On Sep 12, 2020, at 11:07 AM, Michael D'Errico <> wrote:
> Hi,
> I get a weird feeling that the internet is being hijacked and soon it will be impossible to reverse course.  I have not followed the development of TLS 1.3 but it seems very different from TLS 1.2. Also TLS 1.2 is very different from TLS 1.0/1.1 (which are being deprecated).  QUIC looked good at a glance, but it seems to rely on TLS to share key material, and also I'm more than a bit concerned about its capability to track users.
> Then there's Zoom video conferencing, where everybody working from home or in virtual school has an audio and video feed streaming to their servers.  GitHub is owned by Microsoft with some dire consequences.  Lots of large companies trying to be everything to everyone, and it turns out they're cruel.
> Anyone?
> Mike