Re: [TLS] TLS Visibility Inside the Data Center (was: I-D Action: draft-green-tls-static-dh-in-tls13-00.txt)

Yoav Nir <ynir.ietf@gmail.com> Tue, 15 November 2016 01:28 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Y2oTU25YTn9Ob14PqN5-e4BFjTk>

If I understand this draft correctly, this draft describes server behavior. It does not change anything within the TLS 1.3 protocol. IOW a server doing this will interoperate with any client.

I searched the tls13 draft to see if it has anything to say about this, and the only thing I found was this line in appendix D.1:

   If fresh (EC)DHE keys are used for each connection, then the output keys are forward secret.

So a server is not required to generate fresh (EC)DHE keys for each connection. In fact, generating fresh keys periodically and discarding the old ones is a legitimate way to achieve forward secrecy. What this draft does differently is to save the old (EC)DHE private keys, which loses the forward secrecy.

So given that what the draft proposes is possible with the current TLS 1.3, what do the proponents want? Is it just to have a document that describes this server behavior?

Yoav

On 15 Nov 2016, at 8:21, Sean Turner <sean@sn3rd.com> wrote:

> Please note that this draft is related to the agenda item:
> 
> - TLS Visibility Inside the Data Center
> 
> spt
> 
>> Begin forwarded message:
>> 
>> From: internet-drafts@ietf.org
>> Subject: I-D Action: draft-green-tls-static-dh-in-tls13-00.txt
>> Date: November 14, 2016 at 15:36:49 GMT+9
>> To: <i-d-announce@ietf.org>
>> Reply-To: internet-drafts@ietf.org
>> 
>> 
>> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>> 
>> 
>>       Title           : Data Center use of Static Diffie-Hellman in TLS 1.3
>>       Author          : Matthew Green
>>       Filename        : draft-green-tls-static-dh-in-tls13-00.txt
>>       Pages           : 4
>>       Date            : 2016-11-13
>> 
>> Abstract:
>>  Unlike earlier versions of TLS, current drafts of TLS 1.3 have
>>  instead adopted ephemeral-mode Diffie-Hellman and elliptic-curve
>>  Diffie-Hellman as the primary cryptographic key exchange mechanism
>>  used in TLS. This document describes an optional configuration for
>>  TLS servers that allows for the use of a static Diffie-Hellman secret
>>  for all TLS connections made to the server. Passive monitoring of TLS
>>  connections can be enabled by installing a corresponding copy of this
>>  key in each monitoring device.
>> 
>> 
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-green-tls-static-dh-in-tls13/
>> 
>> There's also a htmlized version available at:
>> https://tools.ietf.org/html/draft-green-tls-static-dh-in-tls13-00
>> 
>> 
>> Please note that it may take a couple of minutes from the time of submission
>> until the htmlized version and diff are available at tools.ietf.org.
>> 
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
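
The server's key_share travels in the clear in ServerHello, so the server behavior discussed in this message can be observed from outside the server. The following is an added example, not part of the original message or of the draft: it assumes the RFC 8446 ServerHello layout (key_share extension type 51), uses hypothetical helper names, and runs on constructed sample handshakes to flag a server share that recurs across connections.

```python
import struct
from collections import defaultdict

KEY_SHARE = 51  # key_share extension type in RFC 8446 (assumed layout)

def server_key_share(body: bytes):
    """Return (named_group, key_exchange) from a ServerHello body, else None."""
    pos = 34 + 1 + body[34]               # legacy_version, random, session_id_echo
    pos += 2 + 1                          # cipher_suite, compression method
    (ext_total,) = struct.unpack_from("!H", body, pos)
    pos += 2
    end = pos + ext_total
    if end > len(body):
        raise ValueError("truncated extensions block")
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack_from("!HH", body, pos)
        pos += 4
        if ext_type == KEY_SHARE:
            if ext_len < 4:               # HelloRetryRequest: group only, no key
                return None
            group, klen = struct.unpack_from("!HH", body, pos)
            key = body[pos + 4:pos + 4 + klen]
            if klen + 4 != ext_len or len(key) != klen:
                raise ValueError("malformed key_share")
            return group, key
        pos += ext_len
    return None

def reused_shares(observations):
    """Map each server share seen on more than one connection to those connections."""
    seen = defaultdict(list)
    for conn_id, body in observations:
        share = server_key_share(body)
        if share is not None:
            seen[share].append(conn_id)
    return {share: conns for share, conns in seen.items() if len(conns) > 1}

def build_server_hello(random: bytes, key: bytes) -> bytes:
    """Constructed sample: x25519 (0x001d) share, TLS_AES_128_GCM_SHA256."""
    ks = struct.pack("!HH", 0x001D, len(key)) + key
    exts = struct.pack("!HHH", 43, 2, 0x0304)            # supported_versions
    exts += struct.pack("!HH", KEY_SHARE, len(ks)) + ks
    return b"\x03\x03" + random + b"\x00\x13\x01\x00" + struct.pack("!H", len(exts)) + exts

def demo():
    static = bytes(range(32))             # constructed "static" public value
    keys = {"c1": static, "c2": bytes(32), "c3": static}
    return reused_shares((c, build_server_hello(c.encode() * 16, k)) for c, k in keys.items())
```

Reuse inside a short window is also what periodic key rotation looks like, so the signal of interest is how long the same share keeps appearing, not a single repeat.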