[TLS]Re: [EXTERNAL] Adoption call for SSLKEYLOG Extension file for ECH

Amir Omidi <amir@aaomidi.com> Sun, 04 August 2024 14:40 UTC

References: <7CC88431-A71A-455B-A7A7-BA4AD3C8502C@sn3rd.com> <MN0PR21MB3147C2C3EE7B9115F339ADDE8CAB2@MN0PR21MB3147.namprd21.prod.outlook.com> <029901dae5c3$437addc0$ca709940$@gmx.net> <CAHBU6isbShx6XJLtUC1U+kPwABBTmGEueG2JhaEtVCgG7OdCbg@mail.gmail.com> <CABcZeBPUG0N0rZZ1ZCs2jzXxMiEP37R+reFQQj3PJkBwXSRSyQ@mail.gmail.com> <c24048cf-798f-4702-9000-114b6d173f05@huitema.net> <Zq9fMFjKIORoMHSG@LK-Perkele-VII2.locald>
In-Reply-To: <Zq9fMFjKIORoMHSG@LK-Perkele-VII2.locald>
From: Amir Omidi <amir@aaomidi.com>
Date: Sun, 04 Aug 2024 10:40:37 -0400
Message-ID: <CAOG=JU+h2WO0kjz_n0MzhaPtLBLQf7vhVBBMKHrtmCaZwRvF+Q@mail.gmail.com>
To: Ilari Liusvaara <ilariliusvaara@welho.com>
CC: TLS List <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/jW4o7ETnORjR6cvIRH7hpCoq4FA>

It doesn’t necessarily need to be malicious. With so much software
deployment being massive YAML files with tons of environment variables,
mistakenly including this won’t be that difficult.

On Sun, Aug 4, 2024 at 07:00 Ilari Liusvaara <ilariliusvaara@welho.com>
wrote:

> On Sat, Aug 03, 2024 at 02:38:29PM -0700, Christian Huitema wrote:
> >
> > The security considerations of
> > https://datatracker.ietf.org/doc/draft-ietf-tls-keylogfile/ are pretty
> > clear, but the discussion pointed out that environment variables can be
> > installed without knowledge of most users. More protection is needed.
> > Examples are explicit run time options, such as asking the user to set a
> > special configuration flag to enable the feature, and compile time
> > protections, which would only enable that configuration flag in special
> > versions of the application.
>
> Any attacker that can tamper with environment variables is in position
> to do way way worse things than enabling SSLKEYLOG. Possibly even worse
> than an attacker capable of replacing the whole application with a
> trojan!
>
> -Ilari
>
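The two concerns raised in this thread, Amir's point that `SSLKEYLOGFILE` can end up in a deployment manifest by accident, and Christian's suggestion that the variable alone should not be enough and an explicit run-time option should be required, both lend themselves to small checks. The following is an added example, not code from the thread, the draft or any TLS implementation: it audits a parsed manifest (the nested dicts/lists a YAML or JSON loader returns) and a `.env` file for `SSLKEYLOGFILE` assignments, and it shows a startup guard that only honours the variable when a hypothetical opt-in flag (`--allow-tls-keylog`, a name chosen for this example) is also present, stripping it from the environment otherwise so that libraries or child processes that do honour it stay silent. The manifest and `.env` contents are constructed samples.

```python
"""Added example: audit deployment config for SSLKEYLOGFILE and gate it at
startup behind an explicit flag. Not from the thread or the keylogfile draft."""
from __future__ import annotations

import re
from typing import Any, Iterator

KEYLOG_VAR = "SSLKEYLOGFILE"
# Hypothetical opt-in flag; the name exists only in this example.
OPT_IN_FLAG = "--allow-tls-keylog"

# Matches "KEY=value" and "export KEY=value" lines (compose list form, .env files).
_ENV_LINE = re.compile(r"^\s*(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$")


def find_keylog_settings(node: Any, path: str = "$") -> Iterator[tuple[str, str]]:
    """Walk a parsed manifest and yield (json-ish path, value) for every place
    SSLKEYLOGFILE is assigned. Three common shapes are recognised:
      mapping        environment: {SSLKEYLOGFILE: /tmp/k.log}     (compose)
      list-of-pairs  env: [{name: SSLKEYLOGFILE, value: ...}]     (kubernetes)
      "K=V" string   environment: ["SSLKEYLOGFILE=/tmp/k.log"]    (compose)
    """
    if isinstance(node, dict):
        # kubernetes-style {name: ..., value: ...} or {name: ..., valueFrom: ...}
        if node.get("name") == KEYLOG_VAR and ("value" in node or "valueFrom" in node):
            yield path, str(node.get("value", "<valueFrom>"))
        for key, val in node.items():
            if key == KEYLOG_VAR:
                yield f"{path}.{key}", str(val)
            else:
                yield from find_keylog_settings(val, f"{path}.{key}")
    elif isinstance(node, list):
        for i, item in enumerate(node):
            yield from find_keylog_settings(item, f"{path}[{i}]")
    elif isinstance(node, str):
        m = _ENV_LINE.match(node)
        if m and m.group(1) == KEYLOG_VAR:
            yield path, m.group(2)


def scan_env_file(text: str) -> list[tuple[int, str]]:
    """Return (line_number, value) for each SSLKEYLOGFILE line in .env text."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        m = _ENV_LINE.match(line)
        if m and m.group(1) == KEYLOG_VAR:
            hits.append((lineno, m.group(2)))
    return hits


def keylog_decision(environ: dict, argv: list[str]) -> tuple[bool, dict]:
    """Startup guard. Returns (enable_keylog, sanitized_environ).

    Key logging is enabled only if SSLKEYLOGFILE is set AND the operator passed
    the explicit opt-in flag; in every other case the variable is removed from
    the returned environment so an accidentally deployed setting is inert."""
    env = dict(environ)
    if env.get(KEYLOG_VAR) and OPT_IN_FLAG in argv:
        return True, env
    env.pop(KEYLOG_VAR, None)
    return False, env


# Constructed sample manifest mixing compose and kubernetes shapes.
SAMPLE_MANIFEST: dict = {
    "services": {
        "api": {"environment": {"LOG_LEVEL": "info", "SSLKEYLOGFILE": "/tmp/keys.log"}},
        "worker": {"environment": ["DEBUG=1", "SSLKEYLOGFILE=/var/log/tls.log"]},
    },
    "spec": {"containers": [{"name": "web", "env": [
        {"name": "PORT", "value": "8080"},
        {"name": "SSLKEYLOGFILE", "value": "/keys/ssl.log"},
    ]}]},
}

# Constructed sample .env file.
SAMPLE_ENV_FILE = """# constructed .env
DATABASE_URL=postgres://db/app
export SSLKEYLOGFILE=/tmp/premaster.txt
"""


def audit_samples() -> tuple[list[tuple[str, str]], list[tuple[int, str]]]:
    """Run both scanners over the constructed samples."""
    return list(find_keylog_settings(SAMPLE_MANIFEST)), scan_env_file(SAMPLE_ENV_FILE)


if __name__ == "__main__":
    manifest_hits, env_hits = audit_samples()
    for where, value in manifest_hits:
        print(f"manifest: {KEYLOG_VAR} set at {where} -> {value}")
    for lineno, value in env_hits:
        print(f".env line {lineno}: {KEYLOG_VAR}={value}")
    enabled, _ = keylog_decision({KEYLOG_VAR: "/tmp/k.log"}, ["app"])
    print("keylog enabled without opt-in flag:", enabled)
```

The guard is only meaningful for code paths the application controls (for example deciding whether to set a key-log callback on its own TLS context, or what environment a child process inherits); a library that reads the variable directly during its own initialisation has to be handled by scrubbing the environment before that library loads.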