Re: [TLS] chairs - please shutdown wiretapping discussion...

Ted Lemon <mellon@fugue.com> Tue, 11 July 2017 11:02 UTC

From: Ted Lemon <mellon@fugue.com>
Date: Tue, 11 Jul 2017 07:02:17 -0400
Cc: Russ Housley <housley@vigilsec.com>, "Polk, Tim (Fed)" <william.polk@nist.gov>, IETF TLS <tls@ietf.org>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/jgPPX8sGMMcLVHGGwB_flk6pYCk>
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>

On Jul 10, 2017, at 5:35 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> Consider SMTP/TLS. Where one MTA on the path supports this.
> Say it's one operated by an anti-spam company for example.
> That is clearly not the sender nor recipient.
> 
> That meets all 4 points in 2804, right?

I don't buy this, Stephen. The anti-spam company is not an eavesdropper.

What I don't understand about your approach to this draft is that it seems to me that the draft is obviously describing an exploit in TLS 1.3, for which a mitigation exists: remember keys, and refuse to communicate with an endpoint that presents a key you've seen before.

So rather than opposing the publication of the static keys draft, why not work on mitigating the attack it describes? This attack exists whether the static keys draft is published or not.
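
The mitigation named in the message above (remember keys, refuse an endpoint that presents one seen before), sketched as an added example that is not part of the original message or of any TLS library. It assumes the client can see the raw `KeyShareEntry` from the TLS 1.3 ServerHello `key_share` extension; `KeyShareMemory`, `ReusedKeyShare` and the peer name are hypothetical, and the key bytes are constructed.

```python
import hashlib
import struct
from collections import OrderedDict


class ReusedKeyShare(Exception):
    """Raised when a peer presents a key share that was seen before."""


def parse_key_share_entry(data: bytes) -> tuple[int, bytes]:
    """Parse a TLS 1.3 KeyShareEntry: uint16 group, uint16 length, key_exchange."""
    if len(data) < 4:
        raise ValueError("truncated KeyShareEntry header")
    group, length = struct.unpack("!HH", data[:4])
    key_exchange = data[4:]
    if length == 0 or len(key_exchange) != length:
        raise ValueError("malformed KeyShareEntry")
    return group, key_exchange


class KeyShareMemory:
    """Bounded memory of server key-share fingerprints (hypothetical helper)."""

    def __init__(self, capacity: int = 100_000):
        self.capacity = capacity
        self._seen = OrderedDict()  # fingerprint -> peer that first presented it

    def check(self, peer: str, entry: bytes) -> None:
        group, key_exchange = parse_key_share_entry(entry)
        fp = hashlib.sha256(struct.pack("!H", group) + key_exchange).digest()
        if fp in self._seen:
            raise ReusedKeyShare(f"{peer} reused a share first seen from {self._seen[fp]}")
        self._seen[fp] = peer
        if len(self._seen) > self.capacity:
            self._seen.popitem(last=False)  # forget the oldest entry


def demo() -> list[str]:
    # Constructed sample: x25519 (group 0x001d) with made-up 32-byte public values.
    share_a = struct.pack("!HH", 0x001D, 32) + bytes(range(32))
    share_b = struct.pack("!HH", 0x001D, 32) + bytes(range(1, 33))
    memory = KeyShareMemory()
    results = []
    for entry in (share_a, share_b, share_a):  # third handshake repeats the first key
        try:
            memory.check("mx1.example", entry)
            results.append("ok")
        except ReusedKeyShare:
            results.append("refused")
    return results
```

Such a memory only detects reuse across handshakes that share the same store, and only within the window its capacity allows.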