Re: [tsvwg] [saag] TSVWG WGLC: draft-ietf-tsvwg-transport-encrypt-08, closes 23 October 2019

Joe Touch <touch@strayalpha.com> Wed, 09 October 2019 14:39 UTC

From: Joe Touch <touch@strayalpha.com>
In-Reply-To: <e8c30f3f-606f-0c0d-a7dd-b2bb6f31a9fd@huitema.net>
Date: Wed, 9 Oct 2019 07:38:52 -0700
Cc: "Black, David" <David.Black@dell.com>, "tsvwg@ietf.org" <tsvwg@ietf.org>
Message-Id: <A2F184BB-E352-4AE6-B7A0-FDF6D8851DFB@strayalpha.com>
References: <CE03DB3D7B45C245BCA0D2432779493630766752@MX307CL04.corp.emc.com> <e8c30f3f-606f-0c0d-a7dd-b2bb6f31a9fd@huitema.net>
To: Christian Huitema <huitema@huitema.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/SuT5mk4CgY1KADysy6Aw65szTQ8>
Subject: Re: [tsvwg] [saag] TSVWG WGLC: draft-ietf-tsvwg-transport-encrypt-08, closes 23 October 2019

+1

IMO, this isn’t a “tussle” so much as “I really want to do something I know I shouldn’t be doing”.

A lot of what transport security prevents is - from the middlebox view - a problem.

For many of us users, preventing middleboxes from doing things like hijacking web, email, and DNS is *exactly* the protection we were seeking.

Joe

> On Oct 9, 2019, at 7:32 AM, Christian Huitema <huitema@huitema.net> wrote:
> 
> As the draft mentions:
> 
>    The use of transport layer authentication and encryption exposes a
>    tussle between middlebox vendors, operators, applications developers
>    and users
> Much of the draft reads like a lamentation of the horrible consequences of encrypting transport headers, which looks very much like embracing the point of view of the middlebox vendors. Expressing that point of view is of course fine, and it might be enough to change the title, abstract and introduction to reflect that this is an opinion piece. But as a transport working group document I would like something a bit more balanced. It should spend more time acknowledging the ossification and privacy issues. It should ideally lay the ground work for alternative management solutions, such as controlled exposure like the spin bit in QUIC, IP header information, or standardized logs like the QLOG effort.
> 
> -- Christian Huitema
> 
> 
> 
> On 10/8/2019 2:08 PM, Black, David wrote:
>> FYI – some OPS area and SEC area eyes on this TSVWG draft now (during WGLC) would be a good thing ;-).
>>  
>> Thanks, --David (TSVWG co-chair)
>>  
>> From: Black, David <david.black@emc.com>
>> Sent: Tuesday, October 8, 2019 5:06 PM
>> To: tsvwg@ietf.org
>> Cc: Black, David
>> Subject: WGLC: draft-ietf-tsvwg-transport-encrypt-08, closes 23 October 2019
>>  
>> This email announces a TSVWG Working Group Last Call (WGLC) on:
>>  
>> The Impact of Transport Header Confidentiality on Network Operation and
>>                        Evolution of the Internet
>>                  draft-ietf-tsvwg-transport-encrypt-08
>> https://datatracker.ietf.org/doc/draft-ietf-tsvwg-transport-encrypt/
>>  
>> This draft is intended to become an Informational RFC.
>>  
>> This WGLC will run through the end of the day on Wednesday, October 23.
>> That should allow time before the Singapore draft submission cutoff for
>> the authors to revise the draft with any changes that result from WGLC.
>>  
>> Comments should be sent to the tsvwg@ietf.org list, although purely
>> editorial comments may be sent directly to the authors. Please cc: the
>> WG chairs at tsvwg-chairs@ietf.org if you would like the chairs to
>> track such editorial comments as part of the WGLC process.
>>  
>> No IPR disclosures have been submitted directly on this draft.
>>  
>> Thanks,
>> David, Gorry and Wes
>> (TSVWG Co-Chairs)
>>  