[TLS] Enforcing Protocol Invariants

Ryan Carboni <ryacko@gmail.com> Fri, 09 November 2018 02:31 UTC

Return-Path: <ryacko@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 01F26130D7A for <tls@ietfa.amsl.com>; Thu, 8 Nov 2018 18:31:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id z4A8lr2QccnB for <tls@ietfa.amsl.com>; Thu, 8 Nov 2018 18:31:30 -0800 (PST)
Received: from mail-yw1-xc36.google.com (mail-yw1-xc36.google.com [IPv6:2607:f8b0:4864:20::c36]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D8F9128D0C for <tls@ietf.org>; Thu, 8 Nov 2018 18:31:30 -0800 (PST)
Received: by mail-yw1-xc36.google.com with SMTP id v77-v6so599118ywc.4 for <tls@ietf.org>; Thu, 08 Nov 2018 18:31:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Ug/XvhWIX6rmdWRvSKSXLK2OyT4jV+U923c0+oR4Vqo=; b=QHDo093J4VVQrjeb7CyTuYOkh+ydFVRuglV1pa1BpgSjo6USqAKpV5zTJ6J5Vk0LRS YnmFMGKA9KpIVsGStj9D5jvl/nzDC3r4TxaqTg3MqflGcztQxyODHc8+dYHjv+lv24j7 j+XIsEYQWqTQjimDvmK5/VBZNdWOrlmr9wTay56V//uc23vU+4AQiBiv4Gq2nB/AYM2C Mgqa8bO2xlS4MuT7ZwEmhNHfBbXLtiCjzSyIyBSww9IX0MGlYXOGMI8Uv1OPH9VVnSc1 8KDULbf3sD3xsTXEQdFnM7QYlKz8YbowGSb72w9VziMmRlBV6fpURYgo4h7Zx5sont1U eFcg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Ug/XvhWIX6rmdWRvSKSXLK2OyT4jV+U923c0+oR4Vqo=; b=D181eH2dHgvBLZPJfiN717KsHVoa/dp9i0cfXtXb0dnqLZHPM9H8DSO7aV4dhknalk bm/PC+zz38wDBBBevLCCu27wZXrqjlG6wtQUemOis25oGCaOPqi3hJEtczG0vCpY/xOA PF8hQJgzjKQxOm/sWCbVQiSX/UOibmRdZeUMj66/ywHfBgXestghPI4x5t4zXb2Hn7q9 v4cltY90/FK2nODW7/hE4TxPL1JrzcY5Tx6kLIi4LwBBaZepksTPE+fkhnLJYhGdav1Q EwjZR0fIJz/XCzy18W03TXMoeMnncg2Q1eGa/0oY3jCj761HbeXqXck95yqBdKc0Cd5i MXcg==
X-Gm-Message-State: AGRZ1gJdbUblpmHXJUm1ajrBVYir0biZ2nkzb3REkf2qfzTbB0pUbyLa yB+NsSmyVF/1rh4gkdFxMgPFIArkUBDOe4hxwdk=
X-Google-Smtp-Source: AJdET5e5D9FR7fHf/kahxubjy7lEauBbK73aDoaHcZI2TiXmJltLwmV3sRJVVd9yuo0T2CtX2PvRvmJEZwuiPtsoH24=
X-Received: by 2002:a81:7744:: with SMTP id s65-v6mr7027060ywc.149.1541730689389; Thu, 08 Nov 2018 18:31:29 -0800 (PST)
MIME-Version: 1.0
Received: by 2002:a81:a014:0:0:0:0:0 with HTTP; Thu, 8 Nov 2018 18:31:28 -0800 (PST)
In-Reply-To: <CABcZeBPb2aPE3eXsqD5-qvWO88W=iMRxZ9YgCXZiTSGAPBDMxQ@mail.gmail.com>
References: <CAO7N=i0g9d9x5RdF_guKm3GDAxVRHSV+eHffs6kiJm6dWO7tvw@mail.gmail.com> <CABcZeBPb2aPE3eXsqD5-qvWO88W=iMRxZ9YgCXZiTSGAPBDMxQ@mail.gmail.com>
From: Ryan Carboni <ryacko@gmail.com>
Date: Thu, 08 Nov 2018 18:31:28 -0800
Message-ID: <CAO7N=i2L9mY1kdZNhgSV90e5FN64VBh0miApQv_9ws9fCdaGVg@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000149d25057a32265b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/UAv-WiVevzjCe7p_gOOmSzH2gdM>
Subject: [TLS] Enforcing Protocol Invariants
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Nov 2018 02:31:33 -0000

On Thursday, November 8, 2018, Eric Rescorla <ekr@rtfm.com> wrote:

>  It's also worth noting that in practice, many sites are served on
> multiple CDNs which do not share keying material.
Encrypting common knowledge is cargo cult fetishism for cryptography. The
files could be sent unencrypted, and protected using subresource integrity.
If you are sharing the same data to multiple second parties to serve to a
single third party, the value of encryption is less than zero.

This could create a long drawn out argument which may prove that it is
impossible to change anything about TLS as it has reached a point where too
many people are doing too many things to it, that is outside any original
or rational design.

In any case, Eric, you inadvertently contradict yourself. The whole point
of WebPKI is to certify trust, and has been an issue over the years. But
CDNs act as a intermediary between the creator of the content and the end
user. CDNs do not have as strict requirements as do CAs in terms of
auditing, and have their own issues outside the scope of this conversation.

Like I said, this could go on forever, I’m just making one point, you
people have made a protocol does very little of what one should expect it
should do, and the internet has evolved to be some sort of non functioning
system, the best example of which would be that everyone has forgotten what
URI standards are supposed to be about.

In any case, TLS 1.3 won’t reach widespread adoption for another few years,
and any subsequent protocol (independent of Google’s worldwide lab
experiment) won’t be finalized for five years, and depending on how radical
it is, won’t achieve mass adoption for four to fifteen years.

By which point layer 2 protocols might allow for IPv6 jumbo packets to be