Re: [tsvwg] [saag] TSVWG WGLC: draft-ietf-tsvwg-transport-encrypt-08, -> logging

"Scharf, Michael" <Michael.Scharf@hs-esslingen.de> Sun, 13 October 2019 20:49 UTC

Return-Path: <Michael.Scharf@hs-esslingen.de>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1875012004E for <tsvwg@ietfa.amsl.com>; Sun, 13 Oct 2019 13:49:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=hs-esslingen.de
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2eY10iZAFN7l for <tsvwg@ietfa.amsl.com>; Sun, 13 Oct 2019 13:49:37 -0700 (PDT)
Received: from mail.hs-esslingen.de (mail.hs-esslingen.de [134.108.32.78]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E4865120024 for <tsvwg@ietf.org>; Sun, 13 Oct 2019 13:49:36 -0700 (PDT)
Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.hs-esslingen.de (Postfix) with ESMTP id CDDA325A19; Sun, 13 Oct 2019 22:49:34 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=hs-esslingen.de; s=mail; t=1570999774; bh=M42gerzz/w5ndhsowbM7aLeJIr9rm0ls1TxakHNxKVM=; h=From:To:CC:Subject:Date:From; b=vUtfAnNi0BysZtzbK/8akrJR2I5vU81ARcU9Pt772JH7hMtqaEUnHrsk1QW5irCsb jESN76LJCAj/oy1eZwcZqBLcmLpogvNOkNOKOq6mUmpur3XFPrmv95d1AXSu1VWyeo 6quiWHBtDIrejGMsubQmFEpRB85OdNMmH3YdZEoo=
X-Virus-Scanned: by amavisd-new-2.7.1 (20120429) (Debian) at hs-esslingen.de
Received: from mail.hs-esslingen.de ([127.0.0.1]) by localhost (hs-esslingen.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oWcX70lbFsAy; Sun, 13 Oct 2019 22:49:33 +0200 (CEST)
Received: from rznt8102.rznt.rzdir.fht-esslingen.de (rznt8102.rznt.rzdir.fht-esslingen.de [134.108.29.102]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mail.hs-esslingen.de (Postfix) with ESMTPS; Sun, 13 Oct 2019 22:49:33 +0200 (CEST)
Received: from RZNT8114.rznt.rzdir.fht-esslingen.de ([169.254.3.61]) by rznt8102.rznt.rzdir.fht-esslingen.de ([fe80::f977:d5e6:6b09:56ac%10]) with mapi id 14.03.0468.000; Sun, 13 Oct 2019 22:49:33 +0200
From: "Scharf, Michael" <Michael.Scharf@hs-esslingen.de>
To: Lars Eggert <lars@eggert.org>
CC: Gorry Fairhust <gorry@erg.abdn.ac.uk>, Christian Huitema <huitema@huitema.net>, "tsvwg@ietf.org" <tsvwg@ietf.org>
Thread-Topic: [tsvwg] [saag] TSVWG WGLC: draft-ietf-tsvwg-transport-encrypt-08, -> logging
Thread-Index: AdWCB7b2DIfjAjkL+kK7oTbHLS/7PA==
Content-Class: urn:content-classes:message
Date: Sun, 13 Oct 2019 20:49:32 +0000
Message-ID: <6EC6417807D9754DA64F3087E2E2E03E2D49CCEC@rznt8114.rznt.rzdir.fht-esslingen.de>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: multipart/alternative; boundary="_000_6EC6417807D9754DA64F3087E2E2E03E2D49CCECrznt8114rzntrzd_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/8EbGgNqnVNYreh2AaBSK8J9d7dY>
Subject: Re: [tsvwg] [saag] TSVWG WGLC: draft-ietf-tsvwg-transport-encrypt-08, -> logging
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Oct 2019 20:49:40 -0000

Yep, but that assumes that an undergraduate student already understands the notion of a „key“ when learning Internet Transport for the first time. That is not necessarily compatible with the table of content of many current networking textbooks.

And, yes, also such „running code“ (in various text formats) can be modified, e.g., to introduce crypto much earlier. That may be as trivial as changing any other widely deployed „running code“...

Michael



Von: Lars Eggert<mailto:lars@eggert.org>
Gesendet: Sonntag, 13. Oktober 2019 22:06
An: Scharf, Michael<mailto:Michael.Scharf@hs-esslingen.de>
Cc: Gorry Fairhust<mailto:gorry@erg.abdn.ac.uk>; Christian Huitema<mailto:huitema@huitema.net>; tsvwg@ietf.org<mailto:tsvwg@ietf.org>
Betreff: Re: [tsvwg] [saag] TSVWG WGLC: draft-ietf-tsvwg-transport-encrypt-08, -> logging

Hi,

On 2019-10-13, at 7:58, Scharf, Michael <Michael.Scharf@hs-esslingen.de> wrote:
> I guess many generations of young engineers and future software developers have learnt TCP/IP by looking at the IP and TCP headers in PCAP files.

my guess is that most students would be in control of one of the endpoints (sending or receiving the traffic of interest), in which case they can still dissect the protocol. Wireshark can decode QUIC traffic just fine if you provide it with the keys.

Lars