Re: [TLS] [OPSEC] Call For Adoption: draft-wang-opsec-tls-proxy-bp

Ben Smyth <research@bensmyth.com> Fri, 31 July 2020 14:21 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/_-8bg58BO5AlQkWQRhu6YoUa6jA>

On Tue, 28 Jul 2020 at 10:35, Arnaud.Taddei.IETF
<Arnaud.Taddei.IETF=40protonmail.com@dmarc.ietf.org> wrote:
> I strongly support this work as it represents capabilities that are being developed, deployed and used in practice. It has good intentions and provides a good approach in the context of defense in depth approaches. No, security cannot be just on both ends of the communication. One can dream about it but that is not how reality is.

I appreciate that capabilities are being developed, deployed, and
used. However, shouldn't a secure solution be sought? Surely secure
solutions are just waiting to be discovered?