Re: [TLS] Industry Concerns about TLS 1.3

Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 23 September 2016 21:21 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3BEEE12B924 for <tls@ietfa.amsl.com>; Fri, 23 Sep 2016 14:21:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.617
X-Spam-Level:
X-Spam-Status: No, score=-6.617 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PyAi-94_fZWj for <tls@ietfa.amsl.com>; Fri, 23 Sep 2016 14:21:07 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B048F12B618 for <tls@ietf.org>; Fri, 23 Sep 2016 14:21:07 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 1108ABE38; Fri, 23 Sep 2016 22:21:05 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R3myY-oGPYGx; Fri, 23 Sep 2016 22:21:03 +0100 (IST)
Received: from [10.87.48.210] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 4A2B0BE32; Fri, 23 Sep 2016 22:21:03 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1474665663; bh=I9IpTH3ZAVPwQ5jrBpUj+s/MhOP+cwf0p1vU8BenVIE=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=jTkf6EvI+eZJIA6FFGwbmzr7tj8fKOn7lv+JTWebIjTXABIrtScjLPrg/wdosWxPt VRdsgv+cziG2FuLLbCR/Z1Mrtog8fAaVNkh4p71NO4nrc7oRDa06kUMbmTb1XU+1aW Jknzb7J/5apVAI6h2zWS9kxmz0BKdGaSno56fx6A=
To: BITS Security <BITSSecurity@fsroundtable.org>, "Salz, Rich" <rsalz@akamai.com>, "nalini.elkins@insidethestack.com" <nalini.elkins@insidethestack.com>
References: <DM5PR11MB1419B782D2BEF0E0A35E420DF4C90@DM5PR11MB1419.namprd11.prod.outlook.com> <CO1PR07MB283F2C414B6478E993675DEC3C90@CO1PR07MB283.namprd07.prod.outlook.com> <394611bf-208f-03d3-620c-79aaf169645b@cs.tcd.ie> <4FC37E442D05A748896589E468752CAA0DBC66AE@PWN401EA120.ent.corp.bcbsm.com> <CAH8yC8kgYzYXwJ01NkK7WYxD-diponWEQOd+MNHssm+bLHE54w@mail.gmail.com> <4FC37E442D05A748896589E468752CAA0DBC699B@PWN401EA120.ent.corp.bcbsm.com> <CACsn0c=5vjzQmr=ah6sH1JzTj3peaKad7aCPertcqD4B2DLKiA@mail.gmail.com> <72011214.413503.1474650126973@mail.yahoo.com> <e24a06b8d0d04ccc80b9a55d83bf5606@usma1ex-dag1mb1.msg.corp.akamai.com> <DM5PR11MB141926C5806296FFD7252A45F4C80@DM5PR11MB1419.namprd11.prod.outlook.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <dc319eac-a10c-42ec-aeba-8febdd374236@cs.tcd.ie>
Date: Fri, 23 Sep 2016 22:21:03 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
In-Reply-To: <DM5PR11MB141926C5806296FFD7252A45F4C80@DM5PR11MB1419.namprd11.prod.outlook.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms060702010207030104020108"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/z1MwHBEmJCeiS73OBu1puSDVHFk>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Industry Concerns about TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Sep 2016 21:21:10 -0000

Andrew,

On 23/09/16 21:31, BITS Security wrote:
> We do however want to raise our concern (and hopefully your
> awareness) of what appears to be an unintended consequence of the
> move to PFS-only choices.

I don't believe I've heard anything in this discussion so far
that wasn't well-known and discussed when the WG decided to
remove static RSA key transport a couple of years ago but I've
not gone back and checked the list archive and meeting minutes.

Given what you say above, am I right in assuming that you
yourself went back and reviewed those in order to reach the
conclusion that these are unintended consequences and not just
the result of a well-considered analysis? If so, can you say
exactly what was not considered before? If not, then maybe
you could consult the archive and minutes, as that's the usual
expectation in the IETF.

S.