[TLS]Re: [EXTERNAL] Adoption call for SSLKEYLOG Extension file for ECH
Eric Rescorla <ekr@rtfm.com> Sat, 03 August 2024 18:04 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A3098C14F6A3 for <tls@ietfa.amsl.com>; Sat, 3 Aug 2024 11:04:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.905
X-Spam-Level:
X-Spam-Status: No, score=-1.905 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qYOwAkXd2KY6 for <tls@ietfa.amsl.com>; Sat, 3 Aug 2024 11:04:12 -0700 (PDT)
Received: from mail-yw1-x112b.google.com (mail-yw1-x112b.google.com [IPv6:2607:f8b0:4864:20::112b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C1328C14F686 for <tls@ietf.org>; Sat, 3 Aug 2024 11:04:12 -0700 (PDT)
Received: by mail-yw1-x112b.google.com with SMTP id 00721157ae682-690af536546so979157b3.3 for <tls@ietf.org>; Sat, 03 Aug 2024 11:04:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20230601.gappssmtp.com; s=20230601; t=1722708252; x=1723313052; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=hc1OddMNALcrpGY5cOCtpjL91wJegwl1ww2OnLHptq4=; b=GhyAoqcCL7DMYlX/PEcpv/cR0gO0hJM0jdzorj5/ZpC7DUmTYxiMY9cqx+Zxp+EtK0 hV5lxeL7QrNB6dch9cE33gkxqnQ5pvX53WZdqABKplLL0rnTwuvbfqiJSk/oLE4C9183 YbPxcaLeOkdwvU+yA7zkyrLBAr5fk2UJWBcJeIU6ZbRWll6nm5m0B+oScxV+6XM2TBGj KHaRrb7CGmSRz8h2tHhxjPLnTRT9z3XRun8q9czYGcA2PnPWB4WHxc0Mia4pDHFstVLM WKM0gmV+Lr5s5uIQ2pYNyp7+4ckfYmfsWD9fwW82hihux5UJDxfwXlcwK8t/jaH2ODJI P+ZA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722708252; x=1723313052; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=hc1OddMNALcrpGY5cOCtpjL91wJegwl1ww2OnLHptq4=; b=MW43BxfpQLKICqIX53ih9bnqB0fpDkGzkCNJZbS4sG+d0NAbBG4sOnZYB1vdZIYehi 4Hzj8z4Ppkw4utg9OOOs6OLAD+Z+CTvrzKjnCJ3aicby4FUo/ozfbcrqM6ehSwu0sCJ9 w1+VG/2a5nLaNxUFUdEZHLnDjX1ajiRXtIyBaTFJLaEIvLcViLZ7sdCaST4Ic1GNV7Hc LY2s7lqXdCsSGZDlw1ugUjBY5YjWGYgE7GYkX9USGsE+agZ4U+IhjwUbGePEr+eLpIEh 3FuHbUzHpZDKqeQJ7mvulefC+6ZISeFGHQz/+XUZW0dl/dIBQCfyseS+qEg/jRaGc2nu +xTg==
X-Forwarded-Encrypted: i=1; AJvYcCUdzRU2fFZF+mpn6Smy14n7GexksrOod9rr1bsuNRGVwUsE0AvlIp3kFAWkvC5C97rn4W8=@ietf.org
X-Gm-Message-State: AOJu0YyBkCtkvYxOcWMU2tE83FziRlHkdH3+9N0TCt3y417+1Ui00/rv ZiYsgcOp0vjwMWVLwEbwdj5Dk/llHw8f9+1juYP2PuNCQiigZtqQcOGwys124QEDKc7+CBu4Er2 y/qcqWH1K5dO9cP7LfnDRG8L5qjW8wDQp+lT1fA==
X-Google-Smtp-Source: AGHT+IGVKIu+L6xGifY2GNmSYntU2THMTNVueUnF4pHraNZ7mIeLpKN1SAKxBmHnOJV5mbRkehzJO3pr12YpJNBMCmc=
X-Received: by 2002:a05:6902:2b03:b0:e03:ab72:fe71 with SMTP id 3f1490d57ef6-e0bde2c0d10mr9104346276.10.1722708251692; Sat, 03 Aug 2024 11:04:11 -0700 (PDT)
MIME-Version: 1.0
References: <7CC88431-A71A-455B-A7A7-BA4AD3C8502C@sn3rd.com> <MN0PR21MB3147C2C3EE7B9115F339ADDE8CAB2@MN0PR21MB3147.namprd21.prod.outlook.com> <029901dae5c3$437addc0$ca709940$@gmx.net> <CAHBU6isbShx6XJLtUC1U+kPwABBTmGEueG2JhaEtVCgG7OdCbg@mail.gmail.com>
In-Reply-To: <CAHBU6isbShx6XJLtUC1U+kPwABBTmGEueG2JhaEtVCgG7OdCbg@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Sat, 03 Aug 2024 11:03:35 -0700
Message-ID: <CABcZeBPUG0N0rZZ1ZCs2jzXxMiEP37R+reFQQj3PJkBwXSRSyQ@mail.gmail.com>
To: Tim Bray <tbray@textuality.com>
Content-Type: multipart/alternative; boundary="00000000000064f2ca061ecb4510"
Message-ID-Hash: SH7CJWPLZHBDWGFQEISPCTPGT4PQV5FE
X-Message-ID-Hash: SH7CJWPLZHBDWGFQEISPCTPGT4PQV5FE
X-MailFrom: ekr@rtfm.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: hannes.tschofenig=40gmx.net@dmarc.ietf.org, Andrei Popov <Andrei.Popov=40microsoft.com@dmarc.ietf.org>, TLS List <tls@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [TLS]Re: [EXTERNAL] Adoption call for SSLKEYLOG Extension file for ECH
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/fZTnOs3pQl36Vr0GxzBwZzvgXeU>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
Hi folks, I'd like to make sure we're all on the same page about this draft. The IESG has already approved the original TLS document on SSLKEYLOGFILE [0], which contains the keying material necessary to decrypt the connection. It's currently in the RFC Editor Queue. The draft under discussion would extend that format to allow also decrypting the ECH information. This of course has security and privacy implications, but presumably fewer than the connection as a whole, especially as the SSLKEYLOGFILE information is sufficient to decrypt the server's certificate. The main SSLKEYLOGFILE document already contains the following applicability statement [1], which also is referenced here in S 5: The artifact that this document describes - if made available to entities other than endpoints - completely undermines the core guarantees that TLS provides. This format is intended for use in systems where TLS only protects test data. While the access that this information provides to TLS connections can be useful for diagnosing problems while developing systems, this mechanism MUST NOT be used in a production system. If people feel that this statement is not strong enough, then I think the right thing to do is adjust the original draft, potentially by proposing new text here or to the IESG. -Ekr [0] https://datatracker.ietf.org/doc/draft-ietf-tls-keylogfile/ [1] https://www.ietf.org/archive/id/draft-ietf-tls-keylogfile-02.html#name-applicability-statement On Sat, Aug 3, 2024 at 10:35 AM Tim Bray <tbray@textuality.com> wrote: > I’m not a TLS insider but I’ve been watching this discussion, and… > > On Aug 3, 2024 at 9:36:16 AM, hannes.tschofenig=40gmx.net@dmarc.ietf.org > wrote: > >> Hence, this is not a mechanism that allows a third party in the middle of >> the network communication to somehow decrypt traffic. It is a tool for a >> developer and must be enabled by the developer on one of the involved end >> points to work. >> > > If this is correct (some previous emails made me think it might not be) I > think it would be a good idea for a strong consensus statement to this > effect to appear in the WG product. Because if it is perceived that the > IETF is providing and blessing MITM mechanisms, that will be… um, > controversial. > > PS: I wonder what “in the middle of the network means”, exactly. > > _______________________________________________ > TLS mailing list -- tls@ietf.org > To unsubscribe send an email to tls-leave@ietf.org >
- [TLS]Adoption call for SSLKEYLOG Extension file f… Sean Turner
- [TLS]Re: [EXTERNAL] Adoption call for SSLKEYLOG E… Andrei Popov
- [TLS]Re: [⚠️] Re: [EXTERNAL] Adoption call for SS… Yaroslav Rosomakho
- [TLS]Re: [⚠️] Re: [EXTERNAL] Adoption call for SS… Bob Beck
- [TLS]Re: [⚠️] Re: [EXTERNAL] Adoption call for SS… Salz, Rich
- [TLS]Re: [⚠️] Re: [EXTERNAL] Adoption call for SS… Steven Valdez
- [TLS]Re: [EXTERNAL] Adoption call for SSLKEYLOG E… Stephen Farrell
- [TLS]Re: [⚠️] Re: [EXTERNAL] Adoption call for SS… Andrei Popov
- [TLS]Re: Adoption call for SSLKEYLOG Extension fi… Christopher Patton
- [TLS]Re: [⚠] Re: [EXTERNAL] Adoption call for SSL… Christian Huitema
- [TLS]Re: [⚠] Re: [EXTERNAL] Adoption call for SSL… Amir Omidi
- [TLS]Re: [⚠] Re: [EXTERNAL] Adoption call for SSL… Salz, Rich
- [TLS]Re: [EXTERNAL] Adoption call for SSLKEYLOG E… hannes.tschofenig
- [TLS]Re: [EXTERNAL] Adoption call for SSLKEYLOG E… Tim Bray
- [TLS]Re: [EXTERNAL] Adoption call for SSLKEYLOG E… Eric Rescorla
- [TLS]Re: [EXTERNAL] Adoption call for SSLKEYLOG E… Stephen Farrell
- [TLS]Re: [EXTERNAL] Adoption call for SSLKEYLOG E… Christian Huitema
- [TLS]Re: [EXTERNAL] Adoption call for SSLKEYLOG E… Ilari Liusvaara
- [TLS]Re: [EXTERNAL] Adoption call for SSLKEYLOG E… Amir Omidi
- [TLS]Re: [EXTERNAL] Adoption call for SSLKEYLOG E… Andrei Popov
- [TLS]Re: Adoption call for SSLKEYLOG Extension fi… Kyle Nekritz
- [TLS]Re: [EXTERNAL] Adoption call for SSLKEYLOG E… Mike Shaver