[TLS] Sabotage?

Michael D'Errico <mike-list@pobox.com> Sat, 12 September 2020 15:07 UTC

To: tls@ietf.org
From: Michael D'Errico <mike-list@pobox.com>
Message-ID: <42a2462f-d872-1077-0070-5a4037fd9560@pobox.com>
Date: Sat, 12 Sep 2020 11:07:00 -0400
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/rRpHcziQCy0UwwD6xTYGjo1ul8o>
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>


I get a weird feeling that the internet is being hijacked and soon it 
will be impossible to reverse course.  I have not followed the 
development of TLS 1.3 but it seems very different from TLS 1.2. Also 
TLS 1.2 is very different from TLS 1.0/1.1 (which are being 
deprecated).  QUIC looked good at a glance, but it seems to rely on TLS 
to share key material, and also I'm more than a bit concerned about its 
capability to track users.

Then there's Zoom video conferencing, where everybody working from home 
or in virtual school has an audio and video feed streaming to their 
servers.  GitHub is owned by Microsoft with some dire consequences.
Lots of large companies trying to be everything to everyone, and it 
turns out they're cruel.