Re: [TLS] chairs - please shutdown wiretapping discussion...

Stephen Farrell <> Mon, 10 July 2017 22:21 UTC

To: Russ Housley <>
Cc: "Polk, Tim (Fed)" <>, IETF TLS <>
From: Stephen Farrell <>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Date: Mon, 10 Jul 2017 23:21:11 +0100
Subject: Re: [TLS] chairs - please shutdown wiretapping discussion...

On 10/07/17 23:07, Russ Housley wrote:
> Stephen:
>>>> And to avoid a repeat of Russ' failed justification, many protocols
>>>> use and depend on TLS where the entity controlling the TLS server
>>>> private key materials is not the higher layer sender or receiver,
>>>> so all four points in the definition in 2804 are fully met by your
>>>> wiretapping scheme.
>>> It is clear that you do not agree with the reasoning that I posted on
>>> Friday.  Some people do, and clearly, others do not.
>>> So, I failed to convince you.  However, you have also failed to
>>> convince me that the proposal is wiretapping under the definition in
>>> RFC 2804, Section 3.
>> Consider SMTP/TLS. Where one MTA on the path supports this.
>> Say it's one operated by an anti-spam company for example.
>> That is clearly not the sender nor recipient.
>> That meets all 4 points in 2804, right?
> You are pointing to email.  Some MTAs will use SMTP over TLS, but many others do not.  It would be great if they all do, especially for the authentication.  In your response you are talking about an email system that has been using plaintext for ages, and you are trying to apply a hop-by-hop mechanism to the delivery.  Then, you are saying that the sender and receiver have confidentiality expectations that are being violated.  I do not buy it.

See [1].

Those show nearly 90% of mails being encrypted with
TLS now.

In many mail deployments there will be an added hop, e.g.
for anti-spam (we do that here in TCD), to an outside

While not 100% of mail is encrypted with TLS on all
hops, much is. (And the UTA WG are developing MTA-STS
to try to improve that.)

If one of those external parties implements your
scheme then mail senders and receivers will not know and
that real TLS application meets the 2804 definition for
lots and lots and lots of emails.

Hence, 2804 applies here and the standards-track label
ought to be removed.



> Russ