[TLS] wiretapping draft - collecting rebuttal arguments
Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 11 July 2017 10:48 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C10D1128BC8 for <tls@ietfa.amsl.com>; Tue, 11 Jul 2017 03:48:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.301
X-Spam-Level:
X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DE_Go7Lozrkh for <tls@ietfa.amsl.com>; Tue, 11 Jul 2017 03:48:17 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 78D15127180 for <tls@ietf.org>; Tue, 11 Jul 2017 03:48:17 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 4F934BF4C for <tls@ietf.org>; Tue, 11 Jul 2017 11:48:14 +0100 (IST)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id om84KOwRiXha for <tls@ietf.org>; Tue, 11 Jul 2017 11:48:14 +0100 (IST)
Received: from [134.226.36.93] (bilbo.dsg.cs.tcd.ie [134.226.36.93]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 1ACF7BF48 for <tls@ietf.org>; Tue, 11 Jul 2017 11:48:14 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1499770094; bh=521YQlXkK+CbQAGDi1272+d9yRsKsP1HdwnqSUEk9bk=; h=To:From:Subject:Date:From; b=Tf6AaMUCFjPfTTmeUJXGnNH7iW9YfksPGYC7IHFa/RCKQK/q29BzLyaMjwyaJIm6k 1wzz9zTUDeXliqtONIsgtDPEY5rfGQHh9NUY2HEHu4gxo6/JnvV5ScdK5kKMAnxJLY GZxTsI69GBOeNW7xfRmJ4dx+23/5Y/+gdaTwMlZE=
To: "tls@ietf.org" <tls@ietf.org>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <1777c26d-4e8c-453d-422e-b1f238105bd5@cs.tcd.ie>
Date: Tue, 11 Jul 2017 11:48:13 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="gdNp1nwJUfOG2fuiVJSTmFDA6FobU4Mnu"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/R2Hp0VQ--X_CiZzbnGT1TYwDcEk>
Subject: [TLS] wiretapping draft - collecting rebuttal arguments
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Jul 2017 10:48:20 -0000
Hiya, I've asked the chairs for a slot in Prague to allow for rebutting the claims made by the proponents of the most recent wiretapping draft we're (sadly, still) discussing. [1] So far the chairs seem un-keen, but I'm gonna keep asking as I think having a rebuttal for this kind of bad idea is needed. (And again, I'd prefer the chairs ditch the entire idea of discussing this at all.) In any case, and perhaps with a view to longer-term documenting the arguments against the various "let's break TLS" proposals we continually see, I've started to collect some of those arguments in a github repo [2]. I would welcome contributions to [2] however folks would like to provide 'em (but ideally via PRs) so we can provide a nice crowd-sourced rebuttal in Prague, either as a presentation or via a lively mic-line if need be. Cheers, S. PS: I've just started on this, but will go through the list archive to extract others' arguments and add acks. Not sure if that'll get done before we end up in Prague but please do let me know if I've used an argument you made so I can ack that later. [1] https://tools.ietf.org/html/draft-green-tls-static-dh-in-tls13-01 [2] https://github.com/sftcd/tinfoil
- [TLS] wiretapping draft - collecting rebuttal arg… Stephen Farrell