Re: [tsvwg] Comment on draft-ietf-tsvwg-transport-encrypt

Tom Herbert <tom@herbertland.com> Sat, 29 February 2020 02:17 UTC

References: <CALx6S37iBDc7KxOL60=HC_QkWH06-5MU2rqrK=w+mqiKkSdc0w@mail.gmail.com> <5C993764-1D9A-4B04-A217-2B444008EBE2@strayalpha.com>
In-Reply-To: <5C993764-1D9A-4B04-A217-2B444008EBE2@strayalpha.com>
From: Tom Herbert <tom@herbertland.com>
Date: Fri, 28 Feb 2020 18:17:15 -0800
Message-ID: <CALx6S37KLMLGKnhPs4tfuR7zSA63SUqcL9tA+uo8RBFf+MX82Q@mail.gmail.com>
To: Joseph Touch <touch@strayalpha.com>
Cc: tsvwg <tsvwg@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/U17xoFfwTMonvaMkn0BLxxLiDj4>
Subject: Re: [tsvwg] Comment on draft-ietf-tsvwg-transport-encrypt

On Fri, Feb 28, 2020, 6:03 PM Joseph Touch <touch@strayalpha.com> wrote:

> On Feb 28, 2020, at 12:30 PM, Tom Herbert <tom@herbertland.com> wrote:
> >
> > While the draft certainly has improved both in tone and content, I
> > still feel like there is one area that is very under-represented.
> > Namely the possibility of using extension headers to carry necessary
> > transport information that the network needs. I have brought this up
> > several times, and don't believe it has been adequately addressed.
>
> Tom,
>
> I thought the draft explains (IMO correctly) that the transport layer can
> make info available to the network layer, but that’s how it works. We
> shouldn’t expect that the transport header itself is available (for
> security and privacy reasons).
>

Joe,

If I understand the draft correctly, it is describing a number of use cases
where intermediate nodes are extracting information directly from transport
headers. When the transport layer header is encrypted, that ability is lost and
the network can't use transport layer information to the benefit of the
user. The idea of putting the necessary information elsewhere in the packet
in cleartext is what HBH could provide.

Tom


> Joe
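To make the idea in the reply above concrete, here is an added example (not code from the thread or from the draft) of what "carry the information in a hop-by-hop extension header" looks like on the wire. It builds an IPv6 packet whose Hop-by-Hop Options header carries a small cleartext hint option in front of an opaque blob standing in for an encrypted transport header and payload, and then parses it the way an on-path node would: walking only the IPv6 and HBH headers and never looking past them. The option type 0x1E is one of the RFC 4727 experimental values and the meaning given to it here is hypothetical; the upper-layer protocol number 253 is the RFC 3692 experimental value used as a placeholder for any encrypted transport. Padding with Pad1/PadN and the "skip if unrecognised" action bits follow RFC 8200 section 4.2.

```python
"""Added example: cleartext per-packet hint in an IPv6 Hop-by-Hop Options header
while the transport header remains opaque to on-path nodes."""
import struct

IPPROTO_HOPOPTS = 0      # Next Header value for Hop-by-Hop Options (RFC 8200)
IPPROTO_OPAQUE = 253     # RFC 3692 experimental protocol number; stands in for an encrypted transport
OPT_PAD1 = 0x00
OPT_PADN = 0x01
OPT_EXP_HINT = 0x1E      # RFC 4727 experimental option type; the "hint" semantics are hypothetical


def encode_option(opt_type, data):
    """TLV encoding of one option: type, length, data (RFC 8200 section 4.2)."""
    return bytes([opt_type, len(data)]) + data


def pad_options(opts):
    """Pad so the extension header (2 fixed octets + options) is a multiple of 8 octets."""
    rem = (-(2 + len(opts))) % 8
    if rem == 1:
        return opts + bytes([OPT_PAD1])                     # one octet: Pad1 has no length field
    if rem > 1:
        return opts + bytes([OPT_PADN, rem - 2]) + bytes(rem - 2)
    return opts


def build_hbh(next_header, opts):
    """Hop-by-Hop header: Next Header, Hdr Ext Len (8-octet units, excluding the first 8), options."""
    body = pad_options(opts)
    return bytes([next_header, (2 + len(body)) // 8 - 1]) + body


def build_ipv6(src, dst, next_header, payload, hop_limit=64):
    """Fixed 40-octet IPv6 header: version 6, zero traffic class and flow label."""
    return struct.pack("!IHBB", 6 << 28, len(payload), next_header, hop_limit) + src + dst + payload


def read_hbh(packet):
    """Model of an on-path node. Returns (upper-layer Next Header, options found,
    offset where the opaque upper-layer data starts). Nothing past the HBH header is read."""
    next_header = packet[6]
    if next_header != IPPROTO_HOPOPTS:
        return next_header, {}, 40
    upper_nh, hdr_ext_len = packet[40], packet[41]
    end = 40 + (hdr_ext_len + 1) * 8
    pos, found = 42, {}
    while pos < end:
        opt_type = packet[pos]
        if opt_type == OPT_PAD1:
            pos += 1
            continue
        length = packet[pos + 1]
        data = packet[pos + 2:pos + 2 + length]
        if opt_type == OPT_EXP_HINT:
            found["hint"] = data
        elif opt_type != OPT_PADN and (opt_type >> 6) != 0b00:
            # Action bits 01/10/11 mean an unrecognised option forces a discard.
            raise ValueError(f"unrecognised option {opt_type:#04x} with discard semantics")
        # PadN and unrecognised options whose action bits are 00 are skipped.
        pos += 2 + length
    return upper_nh, found, end


def accepts_unknown_option(opt_type):
    """True if a node that does not know opt_type would still forward the packet."""
    hbh = build_hbh(IPPROTO_OPAQUE, encode_option(opt_type, b"\x00\x00"))
    packet = build_ipv6(bytes(16), bytes(16), IPPROTO_HOPOPTS, hbh)
    try:
        read_hbh(packet)
        return True
    except ValueError:
        return False


def demo(hint=b"\x00\x2a\x01\x00"):
    """Build one packet and report what a router can learn without the transport header."""
    src = bytes.fromhex("20010db8000000000000000000000001")   # 2001:db8::1
    dst = bytes.fromhex("20010db8000000000000000000000002")   # 2001:db8::2
    opaque = bytes(range(0x10, 0x30))   # constructed stand-in for encrypted transport header + payload
    hbh = build_hbh(IPPROTO_OPAQUE, encode_option(OPT_EXP_HINT, hint))
    packet = build_ipv6(src, dst, IPPROTO_HOPOPTS, hbh + opaque)
    upper_nh, opts, upper_offset = read_hbh(packet)
    return {"upper_nh": upper_nh, "hint": opts.get("hint"),
            "hbh_len": upper_offset - 40, "upper_len": len(packet) - upper_offset}


if __name__ == "__main__":
    print(demo())
```

The point the parser makes is the one the reply is arguing: the node gets the hint from a header the endpoints chose to leave in the clear, and the 32 octets after it could be any encrypted transport without the node caring. Try `demo(b"\x00\x01\x02")` and `demo(b"\x00" * 7)` to see Pad1 and PadN keep the header 8-octet aligned, and `accepts_unknown_option(0x5E)` to see how the action bits decide whether an unrecognised option is skipped or fatal.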