Re: [TLS] chairs - please shutdown wiretapping discussion...

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Wed, 12 July 2017 20:01 UTC

From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
X-Mailer: iPhone Mail (14F89)
In-Reply-To: <caafe17c-8d77-dd9f-626c-610d68ab9b6f@cs.tcd.ie>
Date: Wed, 12 Jul 2017 22:01:18 +0200
Cc: Kyle Rose <krose@krose.org>, "Polk, Tim (Fed)" <william.polk@nist.gov>, IETF TLS <tls@ietf.org>
Message-Id: <EDFEE643-FB87-41E0-9C67-87D25EB97B96@gmail.com>
References: <E9640B43-B3AD-48D7-910D-F284030B5466@nist.gov> <CY4PR14MB13688370E0544C9B84BB52A3D7A90@CY4PR14MB1368.namprd14.prod.outlook.com> <9693fc25-6444-e066-94aa-47094700f188@cs.tcd.ie> <CY4PR14MB1368BA01881DD9495FE86DF0D7A90@CY4PR14MB1368.namprd14.prod.outlook.com> <d806a69c-af30-c963-a361-91075332a61b@cs.tcd.ie> <F87D7646-DC53-4EF8-A2D8-D0939A0FB351@vigilsec.com> <b9001044-83d7-805c-2a49-c2780401bbf8@cs.tcd.ie> <C4125902-CA3A-4EA8-989B-8B1CE41598FB@fugue.com> <0c87999c-9d84-9eac-c2c4-0f1fc8a70bdb@cs.tcd.ie> <6DA3E09E-5523-4EB2-88F0-2C4429114805@fugue.com> <CAJU8_nWpzZY5-0B1d8D6ced1Us3N63DC92FMLbn+t4RyE=fLcw@mail.gmail.com> <eeed8398-f845-2bdf-578b-56eb74bbe736@cs.tcd.ie> <CAJU8_nUAFXcQKzO4f-WCEjxTDb_9GPcnFRpntF+c6WSTeGDJjw@mail.gmail.com> <9a5b276d-b1f2-bea9-19c1-d9eadf4da377@cs.tcd.ie> <CAJU8_nWtQ0AnV30sRSK6jP1955Ew_3gWSxYSQTUyjJXUsp27og@mail.gmail.com> <caafe17c-8d77-dd9f-626c-610d68ab9b6f@cs.tcd.ie>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/cBeDlmSqd14Nf0hQdS7UngZvjX8>
Subject: Re: [TLS] chairs - please shutdown wiretapping discussion...

With no hat on...

Sent from my iPhone

> On Jul 12, 2017, at 6:18 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> 
> 
> 
>> On 12/07/17 16:54, Kyle Rose wrote:
>> On Wed, Jul 12, 2017 at 11:28 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie
>>> wrote:
>> 
>>> 
>>> 
>>>> On 12/07/17 16:27, Kyle Rose wrote:
>>>> The telco in the POTS case isn't either endpoint. The third-party
>>>> surveillance is unknown to those endpoints. Therefore: wiretapping.
>>> 
>>> Same in the wordpress.com or smtp/tls cases already
>>> described on list. Therefore: wiretapping.
>>> 
>>> My point was that "collaborating" does not mean not
>>> wiretapping. Saying otherwise is what'd be silly.
>>> 
>> 
>> And yet that's what 2804, what you have repeatedly cited, explicitly
>> states. I'm going to go with the definition given there, "silly" or not.
> 
> The definition in 2804 is not silly, nor did I say it was.
> 
> I said your implication that "collaboration" => "not
> wiretapping" was silly.
> 
>> This isn't wiretapping: it's *something else* potentially bad, but not all
>> surveillance is wiretapping.
> 
> Not all surveillance is wiretapping, sure, that is
> true.
> 
The difference with the WordPress & SMTP examples is that you know content will sit in plaintext on the servers, whereas with POTS, you need to wiretap to get the voice content. You only expect the log that the call transpired to exist with the service provider.

I'm still in a mode of listening to arguments, but wanted to point this out in case better examples emerged.

Thanks,
Kathleen 


> What is also true is that the draft being discussed
> is entirely clearly usable for wiretapping in some
> applications that use TLS according to the definition
> in 2804.
> 
> S.
> 
> 
>> 
>> Kyle
>> 
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls