IETF Logo Mail Archive

Re: [Uta] Kathleen Moriarty's Discuss on draft-ietf-uta-tls-attacks-04: (with DISCUSS)

Aaron Zauner <azet@azet.org> Tue, 14 October 2014 13:56 UTC

Return-Path: <azet@azet.org>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4B6C11A884C for <uta@ietfa.amsl.com>; Tue, 14 Oct 2014 06:56:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gWK2Np1KX46Y for <uta@ietfa.amsl.com>; Tue, 14 Oct 2014 06:56:18 -0700 (PDT)
Received: from mail-wi0-f175.google.com (mail-wi0-f175.google.com [209.85.212.175]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 036D01A8830 for <uta@ietf.org>; Tue, 14 Oct 2014 06:56:17 -0700 (PDT)
Received: by mail-wi0-f175.google.com with SMTP id d1so10225046wiv.2 for <uta@ietf.org>; Tue, 14 Oct 2014 06:56:16 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-type:content-disposition:in-reply-to :user-agent; bh=6BQ8uHwLz+5D+X0tGAaT2oTvnAxFKE8mn7TJH+JYfuE=; b=IgQbLbR5ShD5vOPQxO4MZDBv9xfAgQLrQ6z9gEBtDzS6Dq7aMdaLOSpzsNUuBsFh02 5TmKU0UVRDuXnPIMTdMD8N1Q0W2zEXvWOtR1oPvl3fKvZfWJ77ro/EAu243qtV6xkHas LI6tCgfpc17ozKd/mg7+sMvIREKL1cd1WDPf80J9TOYq77yKnFspJLXJq7xreA6ZX72C TcZ7cN6cd2IeY20G3i3AXSqIhk4I/XM8NkngixhO3I2Uv4pqgMJh1rm6wjrQISfSrXrT VpCjZP/sPCxxis/UBmkMbPIKB1tpPuL9h9CIzscW97+MtQRHdCsLw9LkLAl6wW3Izvrq vNXA==
X-Gm-Message-State: ALoCoQlqBEstK4q3A7l6eiDmZzGJaBlHFv0DgRuBD7zZm+fxx7Jfiy+F3+vXw0e8Tz23lEKP7uAC
X-Received: by 10.180.211.226 with SMTP id nf2mr5508442wic.61.1413294976596; Tue, 14 Oct 2014 06:56:16 -0700 (PDT)
Received: from typhoon.azet.org (chello080108032135.14.11.univie.teleweb.at. [80.108.32.135]) by mx.google.com with ESMTPSA id k2sm15817717wiz.18.2014.10.14.06.56.15 for <multiple recipients> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 14 Oct 2014 06:56:15 -0700 (PDT)
Date: Tue, 14 Oct 2014 15:56:31 +0200
From: Aaron Zauner <azet@azet.org>
To: Alyssa Rowan <akr@akr.io>
Message-ID: <20141014135630.GB5499@typhoon.azet.org>
References: <20141013211915.22019.95654.idtracker@ietfa.amsl.com> <543D0CD9.7010209@gmail.com> <CA+K9O5SNLDXETS6Z+LeNtVq7wBhgj0Dq_M7ZAAriwW8+qmhJuw@mail.gmail.com> <63EDD477-3FC5-4A46-85F9-7DE84FD24BBC@akr.io>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="yEPQxsgoJgBvi8ip"
Content-Disposition: inline
In-Reply-To: <63EDD477-3FC5-4A46-85F9-7DE84FD24BBC@akr.io>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: http://mailarchive.ietf.org/arch/msg/uta/0UOKLREEyDE9iS9BYgXCsIVBhF8
Cc: uta-chairs@tools.ietf.org, uta@ietf.org, Ralph Holz <ralph.ietf@gmail.com>, Yaron Sheffer <yaronf.ietf@gmail.com>, Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>, The IESG <iesg@ietf.org>, draft-ietf-uta-tls-attacks@tools.ietf.org
Subject: Re: [Uta] Kathleen Moriarty's Discuss on draft-ietf-uta-tls-attacks-04: (with DISCUSS)
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Oct 2014 13:56:24 -0000

* Alyssa Rowan <akr@akr.io> [141014 14:39]:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> 
> On 14 October 2014 12:59:48 BST, Ralph Holz <ralph.ietf@gmail.com> wrote:
> 
> >On the second point - I am not quite so sure we should call it an attack.
> >In my experience, there are quite a few companies that use these boxes for entirely legitimate reasons -
> 
> Quite a few nation state attackers that have actually deployed them widely would no doubt argue their use is also legitimate, likely for the prevention of terror, disharmony, and other bogeymen.
> 
> Regardless of the intentions behind their use, MITM proxies do subvert the security properties of TLS as designed and deployed, and are thus correctly regarded as an attack in the general sense. I think it should absolutely be described as such.

+1.

> 
> >especially in the context of industrial espionage.
> 
> TLS interception proxies are indeed useful in that context: they present an extraordinarily attractive vector for an attacker, especially when a target has willingly deployed one and expects to see it in normal use.
> 
> I contend that they are not as useful for counter-espionage as some may think, especially given the additional threat they pose. Informed, consenting people could instead grant permissions on the endpoints to someone wishing to audit traffic (such as an antivirus utility), and this is the best place to perform scans as presumably legitimate users have legitimate admin rights and this does not affect the design or deployment of TLS.
> 
> Also of course in most deployments, both ends have not provided consent, which is worth bearing in mind in some contexts.
> 
> Anyone who's deployed one of these TLS interception middleboxes should perhaps take the opportunity to re-examine and test their assumptions about their usefulness, necessity, and their security. I would probably recommend they SHOULD NOT be used - there may be a valid reason in a specific deployment, but the risks should be weighed up and normally I feel this introduces more risk than it eliminates. To the extent it is accepted practice, I feel that is a problem.

The whole discussion is somewhat political - I don't like to go into
that kind of stuff on technical mailing lists; but: it escalated
after 9/11, most of us will agree on that. I'm not just talking
about the US of A. There has been a global policy shift. In central
europe privacy for snailmail and banking was taken for granted e.g.
a century ago by the general populus. And the arguments politicians
and lobbyists constantly bring up are simply bullshit. Successful
police work or counter-intelligence is possible without ANY use of
modern technology. There's literature en mass on that subject. Some
intelligence agencies [0] even declassified their work on these
subjects during - for example - the cold war. The same holds true
for corporate espionage, controlling and so forth. I just do not see
a valid point in subverting security/privacy protocols for the sake
of policy and politics.

But that's just my opinion,
Aaron


[0] - https://www.cia.gov/library/center-for-the-study-of-intelligence/csi-publications
      (there's acutally a lot more information on that subject out
       there but I'm convinced that you all know how to use google)

v2.23.0 | Report a Bug | By Email