[TLS] wiretapping draft - collecting rebuttal arguments

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 11 July 2017 10:48 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id C10D1128BC8 for <tls@ietfa.amsl.com>; Tue, 11 Jul 2017 03:48:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.301
X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id DE_Go7Lozrkh for <tls@ietfa.amsl.com>; Tue, 11 Jul 2017 03:48:17 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 78D15127180 for <tls@ietf.org>; Tue, 11 Jul 2017 03:48:17 -0700 (PDT)
Received: from localhost (localhost []) by mercury.scss.tcd.ie (Postfix) with ESMTP id 4F934BF4C for <tls@ietf.org>; Tue, 11 Jul 2017 11:48:14 +0100 (IST)
Received: from mercury.scss.tcd.ie ([]) by localhost (mercury.scss.tcd.ie []) (amavisd-new, port 10024) with ESMTP id om84KOwRiXha for <tls@ietf.org>; Tue, 11 Jul 2017 11:48:14 +0100 (IST)
Received: from [] (bilbo.dsg.cs.tcd.ie []) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 1ACF7BF48 for <tls@ietf.org>; Tue, 11 Jul 2017 11:48:14 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1499770094; bh=521YQlXkK+CbQAGDi1272+d9yRsKsP1HdwnqSUEk9bk=; h=To:From:Subject:Date:From; b=Tf6AaMUCFjPfTTmeUJXGnNH7iW9YfksPGYC7IHFa/RCKQK/q29BzLyaMjwyaJIm6k 1wzz9zTUDeXliqtONIsgtDPEY5rfGQHh9NUY2HEHu4gxo6/JnvV5ScdK5kKMAnxJLY GZxTsI69GBOeNW7xfRmJ4dx+23/5Y/+gdaTwMlZE=
To: "tls@ietf.org" <tls@ietf.org>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <1777c26d-4e8c-453d-422e-b1f238105bd5@cs.tcd.ie>
Date: Tue, 11 Jul 2017 11:48:13 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="gdNp1nwJUfOG2fuiVJSTmFDA6FobU4Mnu"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/R2Hp0VQ--X_CiZzbnGT1TYwDcEk>
Subject: [TLS] wiretapping draft - collecting rebuttal arguments
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Jul 2017 10:48:20 -0000


I've asked the chairs for a slot in Prague to allow
for rebutting the claims made by the proponents of
the most recent wiretapping draft we're (sadly, still)
discussing. [1]

So far the chairs seem un-keen, but I'm gonna keep
asking as I think having a rebuttal for this kind
of bad idea is needed. (And again, I'd prefer the
chairs ditch the entire idea of discussing this at

In any case, and perhaps with a view to longer-term
documenting the arguments against the various "let's
break TLS" proposals we continually see, I've started
to collect some of those arguments in a github repo [2].

I would welcome contributions to [2] however folks
would like to provide 'em (but ideally via PRs) so
we can provide a nice crowd-sourced rebuttal in
Prague, either as a presentation or via a lively
mic-line if need be.


PS: I've just started on this, but will go through
the list archive to extract others' arguments and
add acks. Not sure if that'll get done before we
end up in Prague but please do let me know if I've
used an argument you made so I can ack that later.

[1] https://tools.ietf.org/html/draft-green-tls-static-dh-in-tls13-01
[2] https://github.com/sftcd/tinfoil