Re: [TLS] ETSI releases standards for enterprise security and data centre management

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 05 December 2018 10:33 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 76042130DEA for <tls@ietfa.amsl.com>; Wed, 5 Dec 2018 02:33:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.301
X-Spam-Level:
X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hhZ8tyczQF5i for <tls@ietfa.amsl.com>; Wed, 5 Dec 2018 02:33:07 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32148130DED for <tls@ietf.org>; Wed, 5 Dec 2018 02:33:06 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 82681BE2C; Wed, 5 Dec 2018 10:33:03 +0000 (GMT)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rw-cox80MnVM; Wed, 5 Dec 2018 10:33:03 +0000 (GMT)
Received: from [134.226.36.93] (bilbo.dsg.cs.tcd.ie [134.226.36.93]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 42F95BDCF; Wed, 5 Dec 2018 10:33:03 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1544005983; bh=KEdeZyYRbNKzIMNtE8ZPrckjpGw7ZwwBkZlu/DCr3eI=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=sKOdVXCQVize1laOU72NNGr0VLHPYrkclBSZjoV3SBeclQGGYna2RIWzbeEyvuzl+ HaMi6s4ywllcuU+c2GeBgeRj7BbdyvdepPeK7Fb300pXnjkHVF9y3tGjzIWsJd1jF8 uwNTkSbAFfAI2lMkHLVU8NDCHuQjX3+PP0fd8imI=
To: Bret Jordan <jordan.ietf@gmail.com>
Cc: "<tls@ietf.org>" <tls@ietf.org>
References: <CADqLbzKd-AgDRv2suZ-0Nz4jNUqKg0RNT8sgQd-n793t+gEN3g@mail.gmail.com> <CAHOTMVKZT1ScvHeP3=Kv2zodVimHkaAtG-2DTq6ojnF+q-OMSQ@mail.gmail.com> <20181202233553.GD15561@localhost> <CAHOTMV+vPkM-=Qsto-8-ipFuGsNKkH_U=BEY_mB=7CM7tto3Mw@mail.gmail.com> <38D10A65-B4EE-4E81-8EA4-D69514F7F47B@gmail.com> <51754d91-c00c-0cad-ecd6-8db74544d26a@cs.tcd.ie> <A7423BAF-398B-4BBE-81AC-364CE748D6B1@gmail.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=5BB5A6EA5765D2C5863CAE275AB2FAF17B172BEA; url=
Autocrypt: addr=stephen.farrell@cs.tcd.ie; prefer-encrypt=mutual; keydata= xsFNBFo9UDIBEADUH4ZPcUnX5WWRWO4kEkHea5Y5eEvZjSwe/YA+G0nrTuOU9nemCP5PMvmh 5Cg8gBTyWyN4Z2+O25p9Tja5zUb+vPMWYvOtokRrp46yhFZOmiS5b6kTq0IqYzsEv5HI58S+ QtaFq978CRa4xH9Gi9u4yzUmT03QNIGDXE37honcAM4MOEtEgvw4fVhVWJuyy3w//0F2tzKr EMjmL5VGuD/Q9+G/7abuXiYNNd9ZFjv4625AUWwy+pAh4EKzS1FE7BOZp9daMu9MUQmDqtZU bUv0Q+DnQAB/4tNncejJPz0p2z3MWCp5iSwHiQvytYgatMp34a50l6CWqa13n6vY8VcPlIqO Vz+7L+WiVfxLbeVqBwV+4uL9to9zLF9IyUvl94lCxpscR2kgRgpM6A5LylRDkR6E0oudFnJg b097ZaNyuY1ETghVB5Uir1GCYChs8NUNumTHXiOkuzk+Gs4DAHx/a78YxBolKHi+esLH8r2k 4LyM2lp5FmBKjG7cGcpBGmWavACYEa7rwAadg4uBx9SHMV5i33vDXQUZcmW0vslQ2Is02NMK 7uB7E7HlVE1IM1zNkVTYYGkKreU8DVQu8qNOtPVE/CdaCJ/pbXoYeHz2B1Nvbl9tlyWxn5Xi HzFPJleXc0ksb9SkJokAfwTSZzTxeQPER8la5lsEEPbU/cDTcwARAQABzTJTdGVwaGVuIEZh cnJlbGwgKDIwMTcpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPsLBgAQTAQgAKgIbAwUJ CZQmAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAUCWj6jdwIZAQAKCRBasvrxexcr6o7QD/9m x9DPJetmW794RXmNTrbTJ44zc/tJbcLdRBh0KBn9OW/EaAqjDmgNJeCMyJTKr1ywaps8HGUN hLEVkc14NUpgi4/Zkrbi3DmTp25OHj6wXBS5qVMyVynTMEIjOfeFFyxG+48od+Xn7qg6LT7G rHeNf+z/r0v9+8eZ1Ip63kshQDGhhpmRMKu4Ws9ZvTW2ACXkkTFaSGYJj3yIP4R6IgwBYGMz DXFX6nS4LA1s3pcPNxOgrvCyb60AiJZTLcOk/rRrpZtXB1XQc23ZZmrlTkl2HaThL6w3YKdi Ti1NbuMeOxZqtXcUshII45sANm4HuWNTiRh93Bn5bN6ddjgsaXEZBKUBuUaPBl7gQiQJcAlS 3MmGgVS4ZoX8+VaPGpXdQVFyBMRFlOKOC5XJESt7wY0RE2C8PFm+5eywSO/P1fkl9whkMgml 3OEuIQiP2ehRt/HVLMHkoM9CPQ7t6UwdrXrvX+vBZykav8x9U9M6KTgfsXytxUl6Vx5lPMLi 2/Jrsz6Mzh/IVZa3xjhq1OLFSI/tT2ji4FkJDQbO+yYUDhcuqfakDmtWLMxecZsY6O58A/95 8Qni6Xeq+Nh7zJ7wNcQOMoDGj+24di2TX1cKLzdDMWFaWzlNP5dB5VMwS9Wqj1Z6TzKjGjru q8soqohwb2CK9B3wzFg0Bs1iBI+2RuFnxM7BTQRaPVAyARAA+g3R0HzGr/Dl34Y07XqGqzq5 SU0nXIu9u8Ynsxj7gR5qb3HgUWYEWrHW2jHOByXnvkffucf5yzwrsvw8Q8iI8CFHiTYHPpey 4yPVn6R0w/FOMcY70eTIu/k6EEFDlDbs09DtKcrsT9bmN0XoRxITlXwWTufYqUnmS+YkAuk+ TLCtUin7OdaS2uU6Ata3PLQSeM2ZsUQMmYmHPwB9rmf+q2I005AJ9Q1SPQ2KNg/8xOGxo13S VuaSqYRQdpV93RuCOzg4vuXtR+gP0KQrus/P2ZCEPvU9cXF/2MIhXgOz207lv3iE2zGyNXld /n8spvWk+0bH5Zqd9Wcba/rGcBhmX9NKKDARZqjkv/zVEP1X97w1HsNYeUFNcg2lk9zQKb4v l1jx/Uz8ukzH2QNhU4R39dbF/4AwWuSVkGW6bTxHJqGs6YimbfdQqxTzmqFwz3JP0OtXX5q/ 6D4pHwcmJwEiDNzsBLl6skPSQ0Xyq3pua/qAP8MVm+YxCxJQITqZ8qjDLzoe7s9X6FLLC/DA L9kxl5saVSfDbuI3usH/emdtn0NA9/M7nfgih92zD92sl1yQXHT6BDa8xW1j+RU4P+E0wyd7 zgB2UeYgrp2IIcfG+xX2uFG5MJQ/nYfBoiALb0+dQHNHDtFnNGY3Oe8z1M9c5aDG3/s29QbJ +w7hEKKo9YMAEQEAAcLBZQQYAQgADwUCWj1QMgIbDAUJCZQmAAAKCRBasvrxexcr6qwvD/9b Rek3kfN8Q+jGrKl8qwY8HC5s4mhdDJZI/JP2FImf5J2+d5/e8UJ4fcsT79E0/FqX3Z9wZr6h sofPqLh1/YzDsYkZDHTYSGrlWGP/I5kXwUmFnBZHzM3WGrL3S7ZmCYMdudhykxXXjq7M6Do1 oxM8JofrXGtwBTLv5wfvvygJouVCVe87Ge7mCeY5vey1eUi4zSSF1zPpR6gg64w2g4TXM5qt SwkZVOv1g475LsGlYWRuJV8TA67yp1zJI7HkNqCo8KyHX0DPOh9c+Sd9ZX4aqKfqH9HIpnCL AYEgj7vofeix7gM3kQQmwynqq32bQGQBrKJEYp2vfeO30VsVx4dzuuiC5lyjUccVmw5D72J0 FlGrfEm0kw6D1qwyBg0SAMqamKN6XDdjhNAtXIaoA2UMZK/vZGGUKbqTgDdk0fnzOyb2zvXK CiPFKqIPAqKaDHg0JHdGI3KpQdRNLLzgx083EqEc6IAwWA6jSz+6lZDV6XDgF0lYqAYIkg3+ 6OUXUv6plMlwSHquiOc/MQXHfgUP5//Ra5JuiuyCj954FD+MBKIj8eWROfnzyEnBplVHGSDI ZLzL3pvV14dcsoajdeIH45i8DxnVm64BvEFHtLNlnliMrLOrk4shfmWyUqNlzilXN2BTFVFH 4MrnagFdcFnWYp1JPh96ZKjiqBwMv/H0kw==
Message-ID: <9344c0e1-f484-2b4b-8594-1d29731f6b7a@cs.tcd.ie>
Date: Wed, 5 Dec 2018 10:33:01 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1
MIME-Version: 1.0
In-Reply-To: <A7423BAF-398B-4BBE-81AC-364CE748D6B1@gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="IEoFsugl81eJ2BKjjXmARxHL4T0PajjSp"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/jfmUm64pJObjcl63wMnaXvKI1io>
Subject: Re: [TLS] ETSI releases standards for enterprise security and data centre management
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Dec 2018 10:33:11 -0000


On 05/12/2018 10:22, Bret Jordan wrote:
> I think we should be more open minded and look at the needs from a
> 360 degree deployment perspective. 

I think we should avoid marketing speak.

> The real power of the IETF is in
> looking at all the needs and requirements and designing solutions for
> them.

The IETF is sometimes at it's best when it says "no." This
is one of those cases.

> We should flesh this out. It seems like several people on this list
> so far have proposed options that might work. If we spent half as
> much time looking for a solution as we have trying to prevent a
> solution, we would probably be done by now.

All of the above was done, at length, and we got a result.
The TLS WG had no consensus to work on this topic.

S.


> 
> Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8
> ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however,
> the only thing that can not be unscrambled is an egg."
> 
>> On Dec 5, 2018, at 6:12 PM, Stephen Farrell
>> <stephen.farrell@cs.tcd.ie>; wrote:
>> 
>> 
>> 
>> On 05/12/2018 08:08, Bret Jordan wrote:
>>> Now this WG is finally starting to talk about a solution to a
>>> real problem and need.  We can either address the use case and
>>> need here in the IETF, or we can let the solutions be done else
>>> where. I would personally prefer we take this work item back and
>>> solve it here in the IETF.
>> 
>> #include <previous-discussions>
>> 
>> I would hope the WG not revisit this topic and see no new facts to
>> justify distracting the WG again. Forum shopping is not new -
>> rubber-stamping by ETSI or ANSI was explicitly proposed as a
>> putative reason to adopt draft-green and that did not result in
>> consensus to work on this topic despite the significant effort put
>> in by proponents. I'm also happy to say that I see no evidence that
>> the WG would reach a different conclusion as to lack of consensus.
>> 
>> FWIW, I view this discussion as being analogous to scratching an
>> itchy scab - despite our knowing it is unproductive to do so, some
>> IETF participants apparently can't resist poking at the wound:-(
>> 
>> S.
>> 
>>> 
>>> Finally, remember, you may not like the use case or need, but
>>> that does not mean the use case is not valid and needed.
>>> 
>>> Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0
>>> 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw,
>>> however, the only thing that can not be unscrambled is an egg."
>>> 
>>>> On Dec 5, 2018, at 1:18 AM, Tony Arcieri <bascule@gmail.com>; 
>>>> wrote:
>>>> 
>>>> On Sun, Dec 2, 2018 at 3:36 PM Nico Williams
>>>> <nico@cryptonector.com <mailto:nico@cryptonector.com>> wrote:
>>>>> I'm not a fan of systems like this, but I believe for
>>>>> security reasons they should be designed in such a way that
>>>>> only the confidentiality of traffic is impacted, and a
>>>>> "visibility" system isn't able to leverage the decrypted
>>>>> traffic to resume decrypted sessions and thereby impersonate
>>>>> clients.
>>>> 
>>>> Any key escrow system will have this property.  Given the
>>>> session keys (or a way to recover them) you can resume
>>>> decrypted sessions.
>>>> 
>>>> Wouldn't escrowing only the client/server application traffic 
>>>> secrets (instead of keys higher in the schedule) avoid this 
>>>> problem? These keys would permit the one capability
>>>> "visibility" appliance vendors allege to care about: traffic
>>>> decryption, without permitting others like session resumption.
>>>> 
>>>> The most obvious escrow design requiring no changes to the
>>>> clients is to use a static eDH key on the server-side.  The
>>>> next most obvious such design is to have the server talk to the
>>>> escrow agent.
>>>> 
>>>> It seems like with an out-of-band escrow agent, the traffic
>>>> secrets could be escrowed with no changes to TLS.
>>>> 
>>>> -- Tony Arcieri _______________________________________________
>>>> TLS mailing list TLS@ietf.org 
>>>> https://www.ietf.org/mailman/listinfo/tls
>>> 
>>> 
>>> 
>>> _______________________________________________ TLS mailing list
>>>  TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
>>> 
>> <0x5AB2FAF17B172BEA.asc>
> 
>