Re: [TLS] draft-green-tls-static-dh-in-tls13-01

Tom Ritter <tom@ritter.vg> Mon, 17 July 2017 12:21 UTC

Return-Path: <tom@ritter.vg>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E698131B46 for <tls@ietfa.amsl.com>; Mon, 17 Jul 2017 05:21:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ritter.vg
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5Og26n2JMovn for <tls@ietfa.amsl.com>; Mon, 17 Jul 2017 05:21:41 -0700 (PDT)
Received: from mail-ua0-x230.google.com (mail-ua0-x230.google.com [IPv6:2607:f8b0:400c:c08::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 476AE131B3F for <tls@ietf.org>; Mon, 17 Jul 2017 05:21:41 -0700 (PDT)
Received: by mail-ua0-x230.google.com with SMTP id z22so92173238uah.1 for <tls@ietf.org>; Mon, 17 Jul 2017 05:21:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ritter.vg; s=vg; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=gBVtNTdzap0tHzLyi8wKwSUsXui9ZErN/K0B7c3TXrQ=; b=TnId/WckcFG4RMGydmK7FofVwhuXJVzJpsUXmP+it3g0f8HSD11GiNH4tyBDU1y6Sy qfCx7md6P8rjGG4MN5RrHd2ErqkckCkPz1vg0QAMBrrkz8xedaYdr/20Cys9hQS2y8vl Dj84velQygIXInwHO9R0J3kT7MjtTkPLsWBxY=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=gBVtNTdzap0tHzLyi8wKwSUsXui9ZErN/K0B7c3TXrQ=; b=AIsBib1kebBIm0kEi+Vz59xZlf5FCsakypmlY1QzUQWA6z8z3zq4+eHJTm9jSuJ6O9 pWzj+0DuRlYssFcGGU1OZWeCp9RUUHLOzQbI3lzNEYBXx1tZfK1cSBYsMhi+LM9BBK4J H8ZnQMT6eJ85yI5PAGBUfy5SWozkioK5+TWo76HeX5WPTbZDrFbtRmMFD/p6ienVfYV4 96nVC0HGkArOlenvIea6rIWPs9+p0fQbVQRgfauadEqHDdHvi1i23LnIRWkmMVbed8pl +fc7kYQwqr7zgkghorCME2iLBl97d3587wXqPSK02hF68Fq0YYVRNudJ6D85DHAG7ND2 0gqg==
X-Gm-Message-State: AIVw112+Il+75bYau7ul1E//7jQY/5Q7PcevAQ35eLOMzhfd9c5QZp7N +/m5yoe6nbD3Lmh4YzivDFEQ/LD3Hw0D
X-Received: by 10.31.220.199 with SMTP id t190mr12091911vkg.132.1500294100167; Mon, 17 Jul 2017 05:21:40 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.176.65.195 with HTTP; Mon, 17 Jul 2017 05:21:39 -0700 (PDT)
Received: by 10.176.65.195 with HTTP; Mon, 17 Jul 2017 05:21:39 -0700 (PDT)
In-Reply-To: <BF5045B6-D282-41D6-A979-DB9A2B51679A@arbor.net>
References: <CAPCANN-xgf3auqy+pFfL6VO5GpEsCCHYkROAwiB1u=8a4yj+Fg@mail.gmail.com> <CAOjisRxxN9QjCqmDpkBOsEhEc7XCpM9Hk9QSSAO65XDPNegy0w@mail.gmail.com> <CABtrr-XbJMYQ+FTQQiSw2gmDVjnpuhgJb3GTWXvLkNewwuJmUg@mail.gmail.com> <8b502340b84f48e99814ae0f16b6b3ef@usma1ex-dag1mb1.msg.corp.akamai.com> <87o9smrzxh.fsf@fifthhorseman.net> <FD5D1E4D-23CE-4483-B717-ECD249AC76FA@arbor.net> <87pod1qqh5.fsf@fifthhorseman.net> <BF5045B6-D282-41D6-A979-DB9A2B51679A@arbor.net>
From: Tom Ritter <tom@ritter.vg>
Date: Mon, 17 Jul 2017 07:21:39 -0500
Message-ID: <CA+cU71k6bucRAQtQg_tZP0D4AHnRLVikSydb+6n1mF3LGyBuWg@mail.gmail.com>
To: Roland Dobbins <rdobbins@arbor.net>
Cc: Matthew Green <matthewdgreen@gmail.com>, dkg <dkg@fifthhorseman.net>, tls@ietf.org
Content-Type: multipart/alternative; boundary="94eb2c07cc7ee641c2055482705d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/wVilTUis-mnVAHyKlYx7aezmxjw>
Subject: Re: [TLS] draft-green-tls-static-dh-in-tls13-01
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Jul 2017 12:21:43 -0000

On Jul 17, 2017 6:06 AM, "Roland Dobbins" <rdobbins@arbor.net> wrote:

On 16 Jul 2017, at 0:34, Daniel Kahn Gillmor wrote:

Strongly enough to support a proposal that would require this to be
> opt-in from both sides, with an explicit and verifiable exfiltration
> authority, so that no standard implementation of the proposed mechanism
> could be accidentally turned on unilaterally without detection by the
> unwitting peer?
>

Quite possibly, yes - the devil will be in the details, but the concept is
perfectly valid, IMHO.


I've read or skimmed much of these threads. I support an opt-in mechanism
like the one I think dkg is imagining.

It should be visible on the outside on the connection, so middle boxes that
don't break TLS can see that TLS is being broken. (Is that irony? After
Alanis I'm never sure anymore...)

I don't know enough minutia to have a well considered opinion about what
track such a doc should be, but not-Standards seems good.

-tom