Re: [TLS] TLS interception technologies that can be used with TLS 1.3

Yoav Nir <ynir.ietf@gmail.com> Thu, 15 March 2018 18:08 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 39CE412DA03 for <tls@ietfa.amsl.com>; Thu, 15 Mar 2018 11:08:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v3lRCWo0NXUT for <tls@ietfa.amsl.com>; Thu, 15 Mar 2018 11:08:00 -0700 (PDT)
Received: from mail-wm0-x244.google.com (mail-wm0-x244.google.com [IPv6:2a00:1450:400c:c09::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 17B5312DA06 for <tls@ietf.org>; Thu, 15 Mar 2018 11:07:59 -0700 (PDT)
Received: by mail-wm0-x244.google.com with SMTP id t3so12123171wmc.2 for <tls@ietf.org>; Thu, 15 Mar 2018 11:07:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=zfYTbcPOGiS704VZfuQas9Q/7/dRg8NfbZ1RhwjceCQ=; b=h+PnPOf0blpMp90kU2AVLe0gcynnCN4OUXfFVskIm9vvlir8VvagPPdSPj3t6vcO5i uhHMfTBg6wKFqRmt4lYn+IM2jQ8OVbLIAQAKt40e/nzVPmi8iNECOk6M7dhw3vpAGZx6 bi1zOQSGxdW4fP81cAXkNNw0IqvmExJ46OLYnoygUoNJMHusyKIIA/ftStDq+VYX4lKf Ts3XvskFCAsyyXu7PmglhQFTFbiSKPqMIsB42k2RZh4gFQK4rBihLEmN4ywf1hOg+UU3 HrZHrrqWkX7NzQ5SIvRfEmvqA3UIw2hcVMQlCR+Eo7hTfljLICWkH8Hw1LBHijsCAq3t ARwA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=zfYTbcPOGiS704VZfuQas9Q/7/dRg8NfbZ1RhwjceCQ=; b=tCVTPWY0qb4k0L4ArzL8qrsfN58UAvNrBxsAcPo7Z0b0j/t3fUDwdMPbCIIIJcrrJh PGiUrA0uQ8VuM3SCBGioDNuihVxs8SmY7kCPiWAyodSqsDc/aISoF1ZSFupYCc70SByc dXf6UV9V/Z0HtLsFQwbhAR6IHnE9RaUZah9iH0YiFfRPyWNNrlBa9+Jk38vPzFwuhFHM 2MUhB2rHqIRfbNx27fN43JJfdKrPWmBAO2fD1MTCLZ2Ev+Iktpm1nEE6Fx+vIxSVS/fH j0uVcg6FtNW0wuSnqOCYjbe9B+brWMvGZmeMeqB7tgoCv0bQeHA0yDjwsl4rw3wYM2xI pGGA==
X-Gm-Message-State: AElRT7EkiZIEvGpgKrxwnK0RAWl8C+q6/D7piQw+PCzrw6b9lnCYAWuW LYBW60vrmbAzSnyo2c1+Xic=
X-Google-Smtp-Source: AG47ELsjDZSsJNSsp2xsPyki5hDLQMe6PSEi9avGCcWlNubXvEQ5n4aluPC54vXTMRu9h5IuzzBIGQ==
X-Received: by 10.80.182.52 with SMTP id b49mr10063338ede.279.1521137277609; Thu, 15 Mar 2018 11:07:57 -0700 (PDT)
Received: from [192.168.1.18] ([46.120.57.147]) by smtp.gmail.com with ESMTPSA id c9sm2415748edl.23.2018.03.15.11.07.56 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 15 Mar 2018 11:07:56 -0700 (PDT)
From: Yoav Nir <ynir.ietf@gmail.com>
Message-Id: <6BC4335A-D2E9-41FC-9F72-04B06594883B@gmail.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_F50978F3-7902-4019-BFCD-6B767C6810CE"; protocol="application/pgp-signature"; micalg=pgp-sha512
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
Date: Thu, 15 Mar 2018 20:07:54 +0200
In-Reply-To: <2832089.SA8sAEVfAM@pintsize.usersys.redhat.com>
Cc: tls@ietf.org, Watson Ladd <watsonbladd@gmail.com>
To: Hubert Kario <hkario@redhat.com>
References: <CACsn0cmNuuG4dhkouNzb=RDfYwG25VaKN7cGhm21wfLk-NmS5A@mail.gmail.com> <9B30F837-8F6A-4AF0-A3BD-69F9AFED5D7B@gmail.com> <2832089.SA8sAEVfAM@pintsize.usersys.redhat.com>
X-Mailer: Apple Mail (2.3445.5.20)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/nkpxN9WPVVc83QSXw5lf-hyY6lY>
Subject: Re: [TLS] TLS interception technologies that can be used with TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Mar 2018 18:08:03 -0000

So what’s the flag in openssl.conf that makes it generate a file with all the keys?  There isn’t one.  I guess the presumption is that if there was an RFC it would be easier to get the powers that be to make it happen. It likely needs to be in the main branch to be ubiquitous, because many products come with their own OpenSSL package.

TBH I don’t think an RFC would have that effect. Not every RFC gets implemented.


> On 15 Mar 2018, at 13:38, Hubert Kario <hkario@redhat.com>; wrote:
> 
> On Thursday, 15 March 2018 05:51:31 CET Yoav Nir wrote:
>> At the risk of stating the obvious, it’s because server owners want to use
>> the same OpenSSL, NSS, SChannel, or whatever you call the Java library that
>> everybody else uses. They’re all widely used, actively maintained, and
>> essentially free.
>> 
>> None of these libraries support any of this functionality.
> 
> huh? Sure, it is not nicely packaged in to allow integration with 3rd party
> systems, and sometimes disabled by default, but it's hardly missing...
> 
> https://github.com/openssl/openssl/pull/1646 <https://github.com/openssl/openssl/pull/1646>
> 
> https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format <https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format>
> 
> https://bugs.chromium.org/p/chromium/issues/detail?id=393477 <https://bugs.chromium.org/p/chromium/issues/detail?id=393477>
> 
>>> On 15 Mar 2018, at 2:16, Watson Ladd <watsonbladd@gmail.com>; wrote:
>>> 
>>> One can either use a static DH share, save the ephemerals on the
>>> servers and export them, or log all the data on the servers.
>>> 
>>> These options don't require any change to the wire protocol: they just
>>> require vendors supporting them. Why don't they meet the needs cited?
>>> 
>>> Sincerely,
>>> Watson
>>> 
>>> _______________________________________________
>>> TLS mailing list
>>> TLS@ietf.org
>>> https://www.ietf.org/mailman/listinfo/tls
>> 
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org <mailto:TLS@ietf.org>
>> https://www.ietf.org/mailman/listinfo/tls <https://www.ietf.org/mailman/listinfo/tls>
> 
> 
> --
> Regards,
> Hubert Kario
> Senior Quality Engineer, QE BaseOS Security team
> Web: www.cz.redhat.com <http://www.cz.redhat.com/>
> Red Hat Czech s.r.o., Purkyňova 115, 612 00  Brno, Czech Republic