Re: [TLS] draft-ietf-tls-dnssec-chain-extensions security considerations

Paul Wouters <paul@nohats.ca> Thu, 05 July 2018 04:40 UTC

Return-Path: <paul@nohats.ca>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C4A4130DE2 for <tls@ietfa.amsl.com>; Wed, 4 Jul 2018 21:40:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3o6fLdwdY2UJ for <tls@ietfa.amsl.com>; Wed, 4 Jul 2018 21:40:33 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [IPv6:2a03:6000:1004:1::68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B10421277CC for <tls@ietf.org>; Wed, 4 Jul 2018 21:40:33 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 41LlXZ1yQ4z1Kj for <tls@ietf.org>; Thu, 5 Jul 2018 06:40:30 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1530765630; bh=LtTmWB0mkzqb+xsT4HjQrqxXflRtJmnRI2rND8OCSec=; h=Date:From:To:Subject:In-Reply-To:References; b=Xrn4BtRUcb7vulDtslVbm2NNwPjBPi27ESiNj3Pe7W92QQ74jSm1zwrfT2dZ/i+B+ 9vxAKTetJIcdHxIoaCO0WZHuc/JZjY2RjZJ1jxxJsZvmvZpoJ9kKtre1cgNnrf3WnJ et8AydF8OYGob2C+Bm3u4W2s2iQRP+K5nZ4eVgAw=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id HqPyJlotUgYk for <tls@ietf.org>; Thu, 5 Jul 2018 06:40:27 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS for <tls@ietf.org>; Thu, 5 Jul 2018 06:40:26 +0200 (CEST)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id D5B7A79AAE; Thu, 5 Jul 2018 00:40:25 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca D5B7A79AAE
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id C95E0407821F for <tls@ietf.org>; Thu, 5 Jul 2018 00:40:25 -0400 (EDT)
Date: Thu, 5 Jul 2018 00:40:25 -0400 (EDT)
From: Paul Wouters <paul@nohats.ca>
To: tls@ietf.org
In-Reply-To: <CABcZeBOpXpAYO8EBgn=brhd8H0PM_XR63JSBTB0+k88mKxrnBg@mail.gmail.com>
Message-ID: <alpine.LRH.2.21.1807050006330.18860@bofh.nohats.ca>
References: <20180604203947.GW13834@akamai.com> <alpine.LRH.2.21.1806050858340.8057@bofh.nohats.ca> <CAOgPGoBPfL46ogCGa4tSA2q9dikuTwrY766R5y3U-DD1k+XudQ@mail.gmail.com> <CABcZeBOQ0AueZup+sLbK1g2nJ_GUP5Oq+pzRaKmQ0y=Foa4-MA@mail.gmail.com> <20180705023310.GL85096@straasha.imrryr.org> <CABcZeBMDKeYM_jnB+2hNREHOLNwOpMAfm1E69hbGdmZMFBCMRw@mail.gmail.com> <20180705031615.GO85096@straasha.imrryr.org> <CABcZeBOpXpAYO8EBgn=brhd8H0PM_XR63JSBTB0+k88mKxrnBg@mail.gmail.com>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset=US-ASCII
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/QzokY7CdAMgQxI6vKmJ7IdIZMGc>
Subject: Re: [TLS] draft-ietf-tls-dnssec-chain-extensions security considerations
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jul 2018 04:40:36 -0000

On Wed, 4 Jul 2018, Eric Rescorla wrote:

>       > > > Do we have a count of major implementors who say they will do so?
>       > >
>       > > Well, what is a "major implementation"?
>       >
>       > Well, we could start with "what implementations are going to do this"?

[postfix and openssl apparently not big enough ]

> It would be nice to hear from those maintainers, as well as from some of the bigger email senders (e.g., GMail, Yahoo Mail,
> etc.)

This is not a valid direction for this technical discussion, and goes
pretty directly against the Tao of the IETF. But if you want to go
that way, here is my proposed question to those providers:

 	Do you object to your company's product needing to send two
 	additional zero bytes in a TLS handshake if/when you support
 	DANE stappling in TLS in the case that you do NOT want to be
 	protected from downgrade attacks so that other entities that DO
 	want to support downgrade protection can do so without creating
 	yet another a mostly duplicate internet standard that comes with
 	its own delay in deployment?

I am fine with people believing they do not need downgrade protection,
although in my experience most downgrade possibilities end up getting
abused at some point for malicious purposes. But it would be great if
those people could reciprocate that freedom of choice to those that do
want downgrade protection so they can make actual security decisions
based on this standard.

Thank you,

Paul