IETF Logo Mail Archive

Re: [TLS] Please discuss: draft-housley-evidence-extns-00<

Martin Rex <martin.rex@sap.com> Fri, 12 January 2007 14:14 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1H5NAl-00008l-2R; Fri, 12 Jan 2007 09:14:23 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1H5NAj-00008U-Ig for tls@ietf.org; Fri, 12 Jan 2007 09:14:21 -0500
Received: from smtpde01.sap-ag.de ([155.56.68.171]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1H5NAi-0002m4-6f for tls@ietf.org; Fri, 12 Jan 2007 09:14:21 -0500
Received: from sap-ag.de (smtpde01) by smtpde01.sap-ag.de (out) with ESMTP id PAA10426; Fri, 12 Jan 2007 15:13:40 +0100 (MEZ)
From: Martin Rex <martin.rex@sap.com>
Message-Id: <200701121413.PAA16990@uw1048.wdf.sap.corp>
Subject: Re: [TLS] Please discuss: draft-housley-evidence-extns-00<
To: ben@layer8.net
Date: Fri, 12 Jan 2007 15:13:27 +0100
In-Reply-To: <45A6FC7F.90108@layer8.net> from "Benjamin Black" at Jan 11, 7 07:11:59 pm
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-SAP: out
X-SAP: out
X-SAP: out
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 2409bba43e9c8d580670fda8b695204a
Cc: tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: martin.rex@sap.com
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org

Benjamin Black wrote:
> 
> section 6.2 doesn't nearly address the problem in the abstract, much
> less give enough information to determine whether a specific
> implementation would or would not be deemed compliant with PCIDSS.  as
> just one specific example, 6.2 gives no guidance whatsoever on access
> control and auditing, both of which would prove especially challenging
> (do you monitor access to byte ranges?  do you index the streams before
> encryption so that semantically meaningful byte ranges are properly
> monitored?  how do you even enforce access policies when someone can
> access one byte range but not another when the whole stream is
> encrypted?  the complexity seems to be going up rapidly...).

This is what I meant with "distributing an egg on every access".

If TLS Evidence is used as described in a multi-level security environment,
the "wire-tap" data will likely have to carry the highest security label
that is permitted to travel the TLS-Endpoint, because of the braindead
raw capture approach that is entirely blind to the meta-data of the
communication contents.  It could re-use the labelling from the peers
certificate (policies), but it might still inflate the amount of data
with high security labelling.  The only positive side-effect might
be some extra jobs for IT tech guys with high security clearance
that are unlikely to be outsourced/off-shored. :-D


-Martin

_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email