Re: [TLS] What's up with TACK?

Hanno Böck <hanno@hboeck.de> Thu, 18 June 2015 11:19 UTC

Return-Path: <hanno@hboeck.de>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 494D01A1BA5 for <tls@ietfa.amsl.com>; Thu, 18 Jun 2015 04:19:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.699
X-Spam-Level: **
X-Spam-Status: No, score=2.699 tagged_above=-999 required=5 tests=[BAYES_50=0.8, MANGLED_BACK=2.3, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DoqD0Xq8SBv8 for <tls@ietfa.amsl.com>; Thu, 18 Jun 2015 04:19:50 -0700 (PDT)
Received: from zucker2.schokokeks.org (zucker2.schokokeks.org [178.63.68.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3E64C1A1BB1 for <tls@ietf.org>; Thu, 18 Jun 2015 04:19:49 -0700 (PDT)
Received: from pc1 (x4d03062b.dyn.telefonica.de [::ffff:77.3.6.43]) (AUTH: LOGIN hanno-default@schokokeks.org, TLS: TLSv1/SSLv3, 128bits, ECDHE-RSA-AES128-GCM-SHA256) by zucker.schokokeks.org with ESMTPSA; Thu, 18 Jun 2015 13:19:46 +0200 id 00000000000000F1.000000005582A952.00004D84
Date: Thu, 18 Jun 2015 13:20:41 +0200
From: Hanno =?UTF-8?B?QsO2Y2s=?= <hanno@hboeck.de>
To: tls@ietf.org
Message-ID: <20150618132041.1ae55865@pc1>
In-Reply-To: <20150613193444.GA31312@typhoon.azet.org>
References: <20150613193444.GA31312@typhoon.azet.org>
X-Mailer: Claws Mail 3.11.1 (GTK+ 2.24.28; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="=_zucker.schokokeks.org-19844-1434626386-0001-2"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/d4tg7lZx9EaVQm4gNbrV0g4I_Cw>
Subject: Re: [TLS] What's up with TACK?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Jun 2015 11:19:52 -0000

I'm a bit surprised that nobody seems to care to answer here.

CA failures still happen on a quite regular basis. We recently had
CNNIC, ANSSI and India CCA. I think this is the elephant in the room of
TLS problems.

HPKP makes me have very mixed feelings. On the one hand I'm happy that
we have something at last, but on the other hand I fear that people
might move into the "we now have a solution for HTTPS" direction and
neglect other uses of TLS. I'd be worried if we consider non-HTTPS-TLS
a second-best security solution.

Also from my understanding TACK also solves another problem:
STARTTLS-stripping (draft, chapter 5.2), which is as far as I'm aware
also otherwise an unsolved issue (see e.g. [1]).

In other words: I support Aarons request to adopt TACK or something
similar.

[1] https://blog.filippo.io/the-sad-state-of-smtp-encryption/
-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno@hboeck.de
GPG: BBB51E42