Re: [TLS] chairs - please shutdown wiretapping discussion...
Tony Arcieri <bascule@gmail.com> Sat, 08 July 2017 15:40 UTC
Return-Path: <bascule@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 88B88129687 for <tls@ietfa.amsl.com>; Sat, 8 Jul 2017 08:40:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fQ9sloqtvtjb for <tls@ietfa.amsl.com>; Sat, 8 Jul 2017 08:40:16 -0700 (PDT)
Received: from mail-yb0-x230.google.com (mail-yb0-x230.google.com [IPv6:2607:f8b0:4002:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 706E6124E15 for <tls@ietf.org>; Sat, 8 Jul 2017 08:40:16 -0700 (PDT)
Received: by mail-yb0-x230.google.com with SMTP id p207so18163859yba.2 for <tls@ietf.org>; Sat, 08 Jul 2017 08:40:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=JkhmvSIhmCivdecbu4c5ZdhQXXIiNPvb2HFPa83vzVE=; b=tB5nV667P/tB8ylKLEsS+09wfjv3zoaTlsok7dxjJyRoO4764yA0VKDMquLYUwYrbh UIRlkzqwPf4fv7ioKmvLzrvxr16mM1jBlpKT5mR2fz5fRD0qP7M3RdVOKMZH/R3lDFIO 8AbSZrDQ8uTBpjsfyzEpcbaHG1pMMycBh0TQ1mM6CHg+qg5zfWUeQlSFpT1hx9CGWSP8 CdI9JVlD9mYGdtzJXAV200OOIzNGF05wrjt75BQtBLhgq6p8orsrlzt9oIgKCh3dqohQ oVXxJxI0goYDpUj0gEhxPJAjqUhMe5qTpxumMSN1sx/ul+YY41ONvupJxp46Wfvi2/KO 6wFw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=JkhmvSIhmCivdecbu4c5ZdhQXXIiNPvb2HFPa83vzVE=; b=jI2Eoz6+z7fAZ6oAwQ3jGgqL+ZzDHfzSBqzgbjsTXSsQCsYAEMOoOZfewurU/ix0pD sXNWN84fC8MFldLmvsuWCg7bbd9ziBmkElSIMev3jv0Z8BrgOVdeXdSDwdif3YbsddjP cZLzgaFIe/KBs4d5a+3793sZVddYvOL3RSBv6DmfaBIbnHBCMZF0nyIpcr2HjXnz6w1t glnRtSnTush843sH/pBDb7SJM0v8AbuUPr9vavjBjcmz9qQDDVSb4sv73KLrfm/jQyyM uOr7ZnZ6JJADWdzmKkANBcm+6GBj9GXLRzEthC3RD8b05CP63HlwbC2hrcFTZ1ZPJu7g yIUA==
X-Gm-Message-State: AIVw110u69mFBuoVp+hp6tOZMSRiiFGSJqM7uWcBcoNhMK3vZkjs5TVs Ir237IwBxMhghhbaJhHiFoIzSoQ82A==
X-Received: by 10.37.221.196 with SMTP id u187mr8590771ybg.173.1499528415563; Sat, 08 Jul 2017 08:40:15 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.37.192.216 with HTTP; Sat, 8 Jul 2017 08:39:55 -0700 (PDT)
In-Reply-To: <b8baf87c-6648-96aa-4275-924fee07f774@cs.tcd.ie>
References: <b8baf87c-6648-96aa-4275-924fee07f774@cs.tcd.ie>
From: Tony Arcieri <bascule@gmail.com>
Date: Sat, 08 Jul 2017 08:39:55 -0700
Message-ID: <CAHOTMVLXzgnvcZsSjUgexpqeTZROUz9gaHO8oa8ox4hS7awQYA@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: tls chair <tls-chairs@tools.ietf.org>, "tls@ietf.org" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="001a114bc35a8a76a50553d02ab4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/mZh45CRrC2OWu3ngUc4WViQT9hk>
Subject: Re: [TLS] chairs - please shutdown wiretapping discussion...
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Jul 2017 15:40:18 -0000
I was one of the people arguing my hardest against the BITS Security proposal to continue to (ab)use RSA static keys to allow passive MitM, even though TLS 1.3 had already moved forward on what I would call a more modern protocol design of the sort I believe payments companies should embrace to improve their security. That said, if people do want to MitM themselves, I would rather there be a single, easily detectable and very explicit way of doing so, as opposed to sketchy, incompatible, ad hoc mechanisms. Furthermore, it would be nice to have a clear answer for these users, less they continue to make (bad) arguments that there is something fundamentally wrong with the design of TLS 1.3 that makes it incompatible with "industry requirements". Clearly there are echoes of the scary protocols of yesteryear, i.e. Clipper/LEAP. I think if you visit Matt Green's Twitter page and check the image header you will discover he is quite familiar with these things, and my personal presumption would be he is not displaying this image to show his undying love of the Clipper chip, although perhaps he's an especially crafty and duplicitous NSA sleeper agent.
- [TLS] chairs - please shutdown wiretapping discus… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Yaron Sheffer
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Paul Turner
- Re: [TLS] chairs - please shutdown wiretapping di… Tony Arcieri
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Tony Arcieri
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Yoav Nir
- Re: [TLS] chairs - please shutdown wiretapping di… Russ Housley
- Re: [TLS] chairs - please shutdown wiretapping di… Tony Arcieri
- Re: [TLS] chairs - please shutdown wiretapping di… Eric Mill
- Re: [TLS] chairs - please shutdown wiretapping di… Colm MacCárthaigh
- Re: [TLS] chairs - please shutdown wiretapping di… Dan Brown
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Sean Turner
- Re: [TLS] chairs - please shutdown wiretapping di… Polk, Tim (Fed)
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Nikos Mavrogiannopoulos
- Re: [TLS] chairs - please shutdown wiretapping di… Ackermann, Michael
- Re: [TLS] chairs - please shutdown wiretapping di… Colm MacCárthaigh
- Re: [TLS] chairs - please shutdown wiretapping di… Sean Turner
- Re: [TLS] chairs - please shutdown wiretapping di… Yoav Nir
- Re: [TLS] chairs - please shutdown wiretapping di… Nico Williams
- Re: [TLS] chairs - please shutdown wiretapping di… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Nico Williams
- Re: [TLS] chairs - please shutdown wiretapping di… Watson Ladd
- Re: [TLS] chairs - please shutdown wiretapping di… Ackermann, Michael
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Ackermann, Michael
- Re: [TLS] chairs - please shutdown wiretapping di… Sean Turner
- Re: [TLS] chairs - please shutdown wiretapping di… Russ Housley
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Russ Housley
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Russ Housley
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Eric Mill
- Re: [TLS] chairs - please shutdown wiretapping di… Jeffrey Walton
- Re: [TLS] chairs - please shutdown wiretapping di… Watson Ladd
- Re: [TLS] chairs - please shutdown wiretapping di… Ted Lemon
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Ted Lemon
- Re: [TLS] chairs - please shutdown wiretapping di… Ackermann, Michael
- Re: [TLS] chairs - please shutdown wiretapping di… Michael StJohns
- Re: [TLS] chairs - please shutdown wiretapping di… Christian Huitema
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Ted Lemon
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Ted Lemon
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Christian Huitema
- Re: [TLS] chairs - please shutdown wiretapping di… Ted Lemon
- Re: [TLS] chairs - please shutdown wiretapping di… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] chairs - please shutdown wiretapping di… Yoav Nir
- Re: [TLS] chairs - please shutdown wiretapping di… Ted Lemon
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Yoav Nir
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Nico Williams
- Re: [TLS] chairs - please shutdown wiretapping di… Bill Frantz
- Re: [TLS] chairs - please shutdown wiretapping di… Timothy Jackson
- Re: [TLS] chairs - please shutdown wiretapping di… Kyle Rose
- Re: [TLS] chairs - please shutdown wiretapping di… Ted Lemon
- Re: [TLS] chairs - please shutdown wiretapping di… Kyle Rose
- Re: [TLS] chairs - please shutdown wiretapping di… Ted Lemon
- Re: [TLS] chairs - please shutdown wiretapping di… Richard Barnes
- Re: [TLS] chairs - please shutdown wiretapping di… Kyle Rose
- Re: [TLS] chairs - please shutdown wiretapping di… Ted Lemon
- Re: [TLS] chairs - please shutdown wiretapping di… Ted Lemon
- Re: [TLS] chairs - please shutdown wiretapping di… Kyle Rose
- Re: [TLS] chairs - please shutdown wiretapping di… Ilari Liusvaara
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Kyle Rose
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Kyle Rose
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell
- Re: [TLS] chairs - please shutdown wiretapping di… Kathleen Moriarty
- Re: [TLS] chairs - please shutdown wiretapping di… Stephen Farrell