Re: [tsvwg] [saag] Comments on draft-ietf-tsvwg-transport-encrypt-08.txt

Peter Gutmann <> Tue, 12 November 2019 07:07 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B3B5212016E; Mon, 11 Nov 2019 23:07:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.197
X-Spam-Status: No, score=-4.197 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id XzMH_zRXH9LX; Mon, 11 Nov 2019 23:07:02 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3105F120145; Mon, 11 Nov 2019 23:07:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;;; q=dns/txt; s=mail; t=1573542422; x=1605078422; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=U0OMiPdaIgA95nO98BKZhliN9ovsHho/XZ2tSQMdZho=; b=DzYOz4AwLEdsgtCbt5n0IOmE2vGRRzau8oTv0bm/OgMfFLpr5+VHFbpH Ja+OjSt6dYdVdjuL3hTBXHItvtq1JZYMrIIoTPUKwjAmptXfKBBUxU4CO XYeUFCSlIczRmlUXjCFe68KMZw39axkBrydEkG0VuNqS0SkSDnMFkM9N0 9v+i60m+qZp95E0MLKluB9c7sUbkrp+wXIrn9pvHKzbCgHSne72BMldSI xnEjpGuK1XPRPe9ZgQIhELK5EhLg8DMxk/8QP79KRwkAagYCZ5ydxqNu+ HgKQwBQHJtwSxF5yo+aL7SeaysO53iwpBN/uxcQQWChThi8uJZ0oV3Mf2 A==;
X-IronPort-AV: E=Sophos;i="5.68,295,1569240000"; d="scan'208";a="99375063"
X-Ironport-Source: - Outgoing - Outgoing
Received: from ([]) by with ESMTP/TLS/AES256-SHA; 12 Nov 2019 20:06:58 +1300
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1395.4; Tue, 12 Nov 2019 20:06:57 +1300
Received: from ([]) by ([]) with mapi id 15.00.1395.000; Tue, 12 Nov 2019 20:06:58 +1300
From: Peter Gutmann <>
To: Tom Herbert <>
CC: Stephen Farrell <>, David Schinazi <>, Joe Touch <>, "" <>, Mirja Kuehlewind <>, tsvwg IETF list <>, "" <>
Thread-Topic: [tsvwg] [saag] Comments on draft-ietf-tsvwg-transport-encrypt-08.txt
Thread-Index: AQHVlYavl0m+OZkGmkq1dk9tU/YKeqeHJEC3
Date: Tue, 12 Nov 2019 07:06:58 +0000
Message-ID: <>
References: <> <> <> <> <> <>, <>
In-Reply-To: <>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [tsvwg] [saag] Comments on draft-ietf-tsvwg-transport-encrypt-08.txt
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 12 Nov 2019 07:07:06 -0000

Tom Herbert <> writes:

>The problems of protocol ossification and middleboxes meddling in E2E
>protocols has been discussed at length in IETF in various contexts.

I'm aware of RFC 3234, which was written seventeen years ago and focuses on
middleboxes messing with application-layer data, as well as farcical stuff
like RFC 3424, of the same vintage, but it's mostly complaining rather than
actual rigorous analysis, and often seems to be based on opposition to
middleboxes as an article of faith, notoriously manifested in IPsec's "NAT is
bad, therefore we will make sure IPsec breaks NAT, because NAT is bad", which
has caused endless headaches for pretty much anyone who's ever had to work
with IPsec ever since.

In particular for this case, since the discussion is about header encryption
and not middleboxes in general, I'm not aware of any rigorous analysis of its
purported benefits, or even a clear statement of its purported benefits,
something like "here is a definition of the service that header encryption
provides, here is a real-world study showing that it provides this and
demonstrating that it can't be readily defeated".  Contrast this with the two
dozen plus studies that look at the analysis of encrypted traffic despite the
encryption, an example being (just one picked at random) "Identifying HTTPS-
Protected Netflix Videos in Real-Time", Andrew Reed and Michael Kranch,
Proceedings of the 7th Conference on Data and Application Security and Privacy
(CODASPY'17), March 2017, p.361.

So when people complain that the draft doesn't say enough about all the Good
Things header encryption provides, I would respond that it does, it's cited
all of the available literature on the benefits of header encryption, and all
of the studies showing that it's effective, in Appendix B.

The draft is actually quite restrained in this regard, as I mentioned in my
previous message the two notable examples of header encryption/protection
deployed at scale into the real world, IPsec and SSH, have both been a
disaster (for functionality, IPsec, and security, SSH), but it very politely
omits mention of this.