Re: [TLS] Breaking into TLS to protect customers
nalini elkins <nalini.elkins@e-dco.com> Thu, 15 March 2018 08:52 UTC
From: nalini elkins <nalini.elkins@e-dco.com>
Date: Thu, 15 Mar 2018 08:52:18 +0000
To: Artyom Gavrichenkov <ximaera@gmail.com>
Cc: "Salz, Rich" <rsalz@akamai.com>, "tls@ietf.org" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/k_Xn0ycA2IiuxGqeXv4cZB8qCPY>

> Are we going to discuss draft-fenter ad hoc, or we'll start a new thread
> dedicated to that? Because I strongly believe I also have some suggestions
> for that draft.

Artyom, yes, as far as I am concerned at least, please start a new thread.

Sorry I am getting behind on responding to all the emails. But, I am very interested in what you have to say. I just can't keep up. Will do my best to respond as promptly as possible but there are many of you and not so many of me.

Nalini

On Thu, Mar 15, 2018 at 3:33 AM, Artyom Gavrichenkov <ximaera@gmail.com> wrote:

> Are we going to discuss draft-fenter ad hoc, or we'll start a new thread
> dedicated to that? Because I strongly believe I also have some suggestions
> for that draft.
>
> Wed, 14 Mar 2018, 23:30 Salz, Rich <rsalz@akamai.com>:
>
>> Some on this list have said that they need to break into TLS in order to
>> protect customers.
>>
>> The thing customers seem to need the most protection from is having their
>> personal data stolen. It seems to happen with amazing and disappointing
>> regularity on astounding scales. Some examples include
>>
>> - retailer Target, presumably subject to PCI-DSS rules
>> - Anthem health insurance, presumably a regulated industry
>> - Equifax, a financial-business organization (but apparently not
>>   regulated)
>> - Yahoo, a company created on and by and for the Internet (one would
>>   think they know better)
>>
>> We could, of course, go on and on and on.
>>
>> NONE of those organizations are using TLS 1.3.
>>
>> So what kind of “protect the customer” requires breaking TLS? And what
>> benefits and increased protection will customers see?
>>
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls

--
Thanks,
Nalini Elkins
President
Enterprise Data Center Operators
www.e-dco.com