Re: [tsvwg] New Version Notification for draft-fairhurst-tsvwg-transport-encrypt-07.txt

Gorry Fairhurst <gorry@erg.abdn.ac.uk> Tue, 22 May 2018 08:30 UTC

Return-Path: <gorry@erg.abdn.ac.uk>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A84F512EACD for <tsvwg@ietfa.amsl.com>; Tue, 22 May 2018 01:30:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p8h2OCLsUkuU for <tsvwg@ietfa.amsl.com>; Tue, 22 May 2018 01:30:51 -0700 (PDT)
Received: from pegasus.erg.abdn.ac.uk (pegasus.erg.abdn.ac.uk [139.133.204.173]) by ietfa.amsl.com (Postfix) with ESMTP id 863A712E76A for <tsvwg@ietf.org>; Tue, 22 May 2018 01:30:51 -0700 (PDT)
Received: from Gs-MacBook-Pro.local (fgrpf.plus.com [212.159.18.54]) by pegasus.erg.abdn.ac.uk (Postfix) with ESMTPA id 31AC81B001AA; Tue, 22 May 2018 09:30:17 +0100 (BST)
Message-ID: <5B03D519.9050709@erg.abdn.ac.uk>
Date: Tue, 22 May 2018 09:30:17 +0100
From: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
Reply-To: gorry@erg.abdn.ac.uk
Organization: University of Aberdeen
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:12.0) Gecko/20120428 Thunderbird/12.0.1
MIME-Version: 1.0
To: tsvwg@ietf.org, Joe Touch <touch@strayalpha.com>
References: <152334654802.13452.17469061242049682843.idtracker@ietfa.amsl.com> <5ACC6E04.8070107@erg.abdn.ac.uk> <BB4499D9-4E55-4666-83B4-367B5EFC4369@strayalpha.com>
In-Reply-To: <BB4499D9-4E55-4666-83B4-367B5EFC4369@strayalpha.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/39dHJS70wKJPhFBxFZogqHAJmKQ>
Subject: Re: [tsvwg] New Version Notification for draft-fairhurst-tsvwg-transport-encrypt-07.txt
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 May 2018 08:31:08 -0000

Thanks Joe for your comments.

See our editorial notes below, but please have a look at our revised ID.

New text introduced, this was a mistake in revising the abstract, we 
think it is in scope to discuss the benefits/drawbacks of integrity 
protection also: the title and abstract focus on transport header 
confidentiality; this begs the need for sections 3.1, 3.2, and parts of 
3.4 which have nothing to do with *transport header* confidentiality -- 
the doc reports in other ways to address transport encryption in 
general; that’s a much larger issue to include, with entirely different 
implications

Para rephrased.  We do agree with this statement and have stated this 
publically when presenting this draft -- the doc speaks of ossification 
as if it is only harmful; that same ossification provides the stability 
on which other upper layer protocols often rely, so having a “stable” 
(ossified) protocol could be considered an advantage too (beyond merely 
allowing in-network devices to predict their location)

I agree with your disagreement -- I disagree that encryption of 
transport headers would prevent ossification; they could similarly be 
ossified by being the only ones supported using encryption at the endpoints

This is true, I'd love to find text we can all agree upon that says how 
we should do things in the future: but I am also aware of a wide range 
of intense feelings and operational practice in our community ... from 
those who have reacted to privacy concerns, some countries push for net 
neutrality, others on a digital divide with concerns over cost; etc etc. 
I think an important outcome of the document is to capture what is being 
done, wording has been updated -- the doc focuses on the impact of 
transport header encryption on a number of “features” that have emerged, 
but fails to address whether those “features” are desirable (i.e., just 
because we CAN do certain things, and HAVE DONE certain things, is 
independent of whether we should continue to design protocols to support 
those things)

It states: "Using encryption to provide confidentiality of the transport 
layer brings some well-known privacy and security benefits and can 
therefore help reduce ossification of the transport layer.", we also 
added text -- the intro fails to address the valid privacy motivations 
for obscuring transport information, esp. given transport protocols are 
themselves meaningful ONLY at the endpoints e.g., I could easily modify 
two hosts to exchange packets that look like UDP but are actually TCP 
this is akin to port renumbering at the endpoints fundamentally, in the 
Internet, transport headers have meaning ONLY at the two endpoints 
engaging in a given communication, so we really are “living on borrowed 
time” to assume that in-network devices can - or should - be able to 
interpret them at all, even when they appear not to be encrypted. I do 
NOT agree of nearly anything in section 2.1, especially as it is then 
used to justify the remainder of section 2 this entire section reads a 
lot like “the government needs to track your every move so we can build 
better roads for you”; it’s quite creepy.

Text was updated-- section 3 omits discussions of encrypted tunnels 
(IPsec or otherwise), all of which obscure access to transport headers

As far as I know TCP-AO-ENC is still an individual submission, I don't 
know of operational use. -- sec 3.2 (if retained, and I hope it is not), 
should include tcp-ao-enc (yes, still a draft, but relevant to the 
discussion if retained)

Added reference to TCPcrypt: draft-ietf-tcpinc-tcpcryp -- sec 3 omits 
TCPcrypt too (not sure where to put it because I haven’t cared to track 
how it has (d)evolved).

Changed the wording introducing transport to "The transport layer 
provides end-to-end interactions between endpoints (processes) using an 
Internet path." -- not sure I agree that the transport layer is the 
first end-to-end interaction across the Internet; the same is true for 
the IP layer (esp, e.g., IPv6 Destination Options, among other things).

This was not an intention -- finally, this doc seems oblivious to the 
reality that encryption is coming, like it or not - esp across the 
backbone, and that this has been the case for a while now (with VPNs).

Best wishes,

Colin and Gorry

On 11/05/2018, 05:20, Joe Touch wrote:
> Hi, Gorry, et al.,
>
> I disagree with the tone and focus of this document.
>
> It appears to give many reasons why hiding transport info from on-path observers is bad - bad for the network, bad for operators, and bad for everyone.
>
> It reads like an Orwellian propaganda brochure on how Big Brother is only here to help - won’t you leave the cameras on?
>
> The doc fails to recognize:
> 	- the fact that encryption (via tunneling, esp) is already undermining a lot of this sort of “help”
> 	- the fact that users can - and should - find a lot of what passes for “help” quite a bit creepy
> 	- the fact that transport protocols were never intended to have any meaning anywhere but the endpoints
> 		and that, in fact, that’s the only place where they do have meaning anyway
>
> If this doc goes forward, I sincerely hope there will be a more balanced presentation of the CONS of the kind of on-path snooping of traffic that this document largely presents as beneficial.
>
> Joe
>
> ———
>
> Some details follow:
>
> - the title and abstract focus on transport header confidentiality; this begs the need for sections 3.1, 3.2, and parts of 3.4 - which have nothing to do with *transport header* confidentiality
> 	- the doc reports in other ways to address transport encryption in general; that’s a much larger issue to include, with entirely different implications
>
> - the doc speaks of ossification as if it is only harmful; that same ossification provides the stability on which other upper layer protocols often rely, so having a “stable” (ossified) protocol could be considered an advantage too (beyond merely allowing in-network devices to predict their location)
> 	- I disagree that encryption of transport headers would prevent ossification; they could similarly be ossified by being the only ones supported using encryption at the endpoints
>
> - the doc focuses on the impact of transport header encryption on a number of “features” that have emerged, but fails to address whether those “features” are desirable (i.e., just because we CAN do certain things, and HAVE DONE certain things, is independent of whether we should continue to design protocols to support those things)
>
> - the intro fails to address the valid privacy motivations for obscuring transport information, esp. given transport protocols are themselves meaningful ONLY at the endpoints
> 	e.g., I could easily modify two hosts to exchange packets that look like UDP but are actually TCP
> 	this is akin to port renumbering at the endpoints
> 	fundamentally, in the Internet, transport headers have meaning ONLY at the two endpoints engaging in a given communication, so we really are “living on borrowed time” to assume that in-network devices can - or should - be able to interpret them at all, even when they appear not to be encrypted
>
> - I do NOT agree of nearly anything in section 2.1, especially as it is then used to justify the remainder of section 2
> 	this entire section reads a lot like “the government needs to track your every move so we can build better roads for you”; it’s quite creepy.
>
> - section 3 omits discussions of encrypted tunnels (IPsec or otherwise), all of which obscure access to transport headers
>
> - sec 3.2 (if retained, and I hope it is not), should include tcp-ao-enc (yes, still a draft, but relevant to the discussion if retained)
>
> - sec 3 omits TCPcrypt too (not sure where to put it because I haven’t cared to track how it has (d)evolved).
>
> - not sure I agree that the transport layer is the first end-to-end interaction across the Internet; the same is true for the IP layer (esp, e.g., IPv6 Destination Options, among other things).
>
> - finally, this doc seems oblivious to the reality that encryption is coming, like it or not - esp across the backbone, and that this has been the case for a while now (with VPNs)
>
> ----
>
>