Re: [TLS] The future devices that will break TLS 1.4
Yuhong Bao <yuhongbao_386@hotmail.com> Sat, 13 January 2018 00:50 UTC
Return-Path: <yuhongbao_386@hotmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D1C5126C23 for <tls@ietfa.amsl.com>; Fri, 12 Jan 2018 16:50:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.875
X-Spam-Level:
X-Spam-Status: No, score=-0.875 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FORGED_HOTMAIL_RCVD2=0.874, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hotmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vnmynO6e5F9J for <tls@ietfa.amsl.com>; Fri, 12 Jan 2018 16:50:03 -0800 (PST)
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-oln040092005011.outbound.protection.outlook.com [40.92.5.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AFC81126C25 for <tls@ietf.org>; Fri, 12 Jan 2018 16:50:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=do3Ak6KyqlRDYjgS1BNu9l9Uk8WyZMB87/HFalHuTDs=; b=FDMPufCkZix+xJjL+FppI7QcceV/3ywofFQdk+WKk/VLCpFyfE92ryaYb58xP0ft8SCpvAShmc+lBrWFS/n0iwQnwtxn1NrDAw5aIZSjJQVrXOyLyu3BP/uLHsoFlUakn7G/7agMmM28Zo46sImdVqSElwp0moGqiJHAIMoAp4DP7LKtCIBssDu/6+oHyIiBkVXbC9ovnxbqviZag3TAcDsJ0tRA2sg45Y0Vn+8G3CnOdRdAblf/0kGux+JzX8Yh2Xws3lBjF243w5BAn+Mp+bXObkVZVCkf/lZ3wJQi+CAx3/zyeUKWUAO0xUhmbcFW7zTIpeFFV17LNEdJLfpDOA==
Received: from SN1NAM02FT006.eop-nam02.prod.protection.outlook.com (10.152.72.57) by SN1NAM02HT110.eop-nam02.prod.protection.outlook.com (10.152.73.58) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.20.345.12; Sat, 13 Jan 2018 00:50:00 +0000
Received: from MWHPR1801MB2061.namprd18.prod.outlook.com (10.152.72.58) by SN1NAM02FT006.mail.protection.outlook.com (10.152.72.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.20.345.12 via Frontend Transport; Sat, 13 Jan 2018 00:50:00 +0000
Received: from MWHPR1801MB2061.namprd18.prod.outlook.com ([10.164.205.38]) by MWHPR1801MB2061.namprd18.prod.outlook.com ([10.164.205.38]) with mapi id 15.20.0386.009; Sat, 13 Jan 2018 00:50:00 +0000
From: Yuhong Bao <yuhongbao_386@hotmail.com>
To: Hanno Böck <hanno@hboeck.de>, Dan Wing <danwing@gmail.com>
CC: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] The future devices that will break TLS 1.4
Thread-Index: AQHTi/lrAD74E5jR80q8p2qaPVAj8aNw6QeAgAAFE4CAAAZ3eYAABCUN
Date: Sat, 13 Jan 2018 00:50:00 +0000
Message-ID: <MWHPR1801MB20611E8C449DA5326B99007EC3140@MWHPR1801MB2061.namprd18.prod.outlook.com>
References: <20180113000206.6bc36af6@pc1> <57CA48F7-CC49-42A3-AF9B-BCB4778264B2@gmail.com>, <20180113011115.765a3fc9@pc1>, <MWHPR1801MB2061DD6DB53FBC1E9FD791CCC3140@MWHPR1801MB2061.namprd18.prod.outlook.com>
In-Reply-To: <MWHPR1801MB2061DD6DB53FBC1E9FD791CCC3140@MWHPR1801MB2061.namprd18.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-incomingtopheadermarker: OriginalChecksum:443743D66FB5EBC2C6C64C45113DAF20086DA1B9FFE5BED828E59F18E6C26F47; UpperCasedChecksum:8AD304CB081927BD7E28302D7B5D27F13B4DB1AF0E11B6CF55DDA8A04CFC4A49; SizeAsReceived:7416; Count:47
x-ms-exchange-messagesentrepresentingtype: 1
x-tmn: [/QaWk8/taZlJrNJEsX2pDSaPaIADvSaCqqZke1/7JJW8UJfeTCMsnojxoVULlwmX]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; SN1NAM02HT110; 6:aNYXoBz60LEKTTT+mUsqlsx0MesRUct6HQPusUyTnV281VN5unx4VZYD8NpLoemRbqebySDSzQP3RvrWOVfHFzPsgGFfNVjTk3ITvc1KhcOjAFbPJ3sRG7N2JtnUaidzXW3s9c9vMVvE0ML21O6Gj7XFsIXRU4bAAA+3GaLIUTVycNCrxOtppIGkLQLOT6cS9nV9vTiYXKnn0T2AZ7DS4HORKS+gCYrVgOE8t8Gwus/hEKwua6vl+RiZvxdZpiz7vfwdH4r6Y2JYzer3UUPX1WvBc6azAUWbna5mmrx/1d8sA0tTPh++MBGfisAGtZrPo3vuoqlc7tiLf60FZ8z0lRlgX/Ipd/tYP2SzoB1KOL8=; 5:dhra0SocNSdfIReO6zdH+fVdyUvW9Gqnk2VX/cqSOqZJBs1m+eMRQ81MaePPpRzDPenQ5AYu45BFuZ2nn4tX7aqtrkdxSjfI1PLrh7S5v/zoi93pf1tCsM72Z4aOgVTcBN6ymjilM5aNXe48DsvMnbcA7pysMAwjjv7YpAQLuPs=; 24:OzBzlTpoPLjHQYqtSh8eQRD4OxE7jKEKR+xAclyCJiqOpfa4sOUPDaR5Uas6ZaJDc5fe9zsR2LTxBgkF8P+PnpcexryQHVrKyBzUrgJAL0Y=; 7:+20Wr8doXK0xl8q9S3saXpK9rA6WpMDhbc2p6YmrvhI26he6S20oxNhomGLeMK9aoLLFaJLr16pwyzb/tUm7FxMGnEI4Z5/BKlyWh8ivifXvLYPnaF9n1T6mNV1TuxAmfYUrKFuQ96ORmVUsjesVk0PYJ+k8S6xMwf+KjIcYnOFhUVQ9HHeCkDeyfuAxhBik1uJ33jl4mtIGPgb40yImwDC+31yhCuU+LYy410KS6WftVf7lgioazJtN/jXYS2QB
x-incomingheadercount: 47
x-eopattributedmessage: 0
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020089)(201702061074)(5061506573)(5061507331)(1603103135)(2017031320274)(2017031324274)(2017031323274)(2017031322404)(1603101448)(1601125374)(1701031045); SRVR:SN1NAM02HT110;
x-ms-traffictypediagnostic: SN1NAM02HT110:
x-ms-office365-filtering-correlation-id: 655b9227-3459-4def-1554-08d55a1f9342
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(444000031); SRVR:SN1NAM02HT110; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:SN1NAM02HT110;
x-forefront-prvs: 05514B7026
x-forefront-antispam-report: SFV:NSPM; SFS:(7070007)(98901004); DIR:OUT; SFP:1901; SCL:1; SRVR:SN1NAM02HT110; H:MWHPR1801MB2061.namprd18.prod.outlook.com; FPR:; SPF:None; LANG:;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: hotmail.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 655b9227-3459-4def-1554-08d55a1f9342
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Jan 2018 00:50:00.3392 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1NAM02HT110
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/lCHUif7Tdev-Z5NmIEOmgyC5pHI>
Subject: Re: [TLS] The future devices that will break TLS 1.4
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 13 Jan 2018 00:50:05 -0000
This also applies to TLS 1.3 BTW, not just a future TLS 1.4. ________________________________________ From: TLS <tls-bounces@ietf.org> on behalf of Yuhong Bao <yuhongbao_386@hotmail.com> Sent: Friday, January 12, 2018 4:34:35 PM To: Hanno Böck; Dan Wing Cc: tls@ietf.org Subject: Re: [TLS] The future devices that will break TLS 1.4 Is that arms race really worth fighting? ________________________________________ From: TLS <tls-bounces@ietf.org> on behalf of Hanno Böck <hanno@hboeck.de> Sent: Friday, January 12, 2018 4:11:15 PM To: Dan Wing Cc: tls@ietf.org Subject: Re: [TLS] The future devices that will break TLS 1.4 On Fri, 12 Jan 2018 15:53:05 -0800 Dan Wing <danwing@gmail.com> wrote: > Those bugs that interfere with TLS handshakes are un-related to > Cisco's Encrypted Traffic Analytics ("ETA"). Different technologies. I haven't claimed that. I just think it's very plausible to assume that a company that already created two independent problems for TLS 1.3 will do the same in future products that mess with TLS in "new and exciting ways". And for the unlikely case that Cisco is able to learn from past mistakes I'm absolutely sure there will be others creating similar products that won't. -- Hanno Böck https://hboeck.de/ mail/jabber: hanno@hboeck.de GPG: FE73757FA60E4E21B937579FA5880072BBB51E42 _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
- [TLS] The future devices that will break TLS 1.4 Hanno Böck
- Re: [TLS] The future devices that will break TLS … Dan Wing
- Re: [TLS] The future devices that will break TLS … Hanno Böck
- Re: [TLS] The future devices that will break TLS … Yuhong Bao
- Re: [TLS] The future devices that will break TLS … Yuhong Bao
- Re: [TLS] The future devices that will break TLS … Christian Huitema
- Re: [TLS] The future devices that will break TLS … Tony Arcieri
- Re: [TLS] The future devices that will break TLS … Martin Thomson
- Re: [TLS] The future devices that will break TLS … Hubert Kario