IETF Logo Mail Archive

Re: [Uta] opportunistic keying / encryption considered of dubious value

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 17 March 2014 01:28 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 412221A034D for <uta@ietfa.amsl.com>; Sun, 16 Mar 2014 18:28:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id INvqJwqtZJuK for <uta@ietfa.amsl.com>; Sun, 16 Mar 2014 18:28:51 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by ietfa.amsl.com (Postfix) with ESMTP id 4CFFC1A034B for <uta@ietf.org>; Sun, 16 Mar 2014 18:28:51 -0700 (PDT)
Received: from [10.156.156.160] (cpe-66-108-141-251.nyc.res.rr.com [66.108.141.251]) by che.mayfirst.org (Postfix) with ESMTPSA id 15982F984; Sun, 16 Mar 2014 21:28:41 -0400 (EDT)
Message-ID: <53264FC9.40106@fifthhorseman.net>
Date: Sun, 16 Mar 2014 21:28:41 -0400
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.2.0
MIME-Version: 1.0
To: Keith Moore <moore@network-heretics.com>, uta@ietf.org
References: <53249D4E.2080104@network-heretics.com> <CACsn0ckE8_-r1RcbfV-szOjPB7m4dLvc2qRJoY5L34qK0yYuYA@mail.gmail.com> <E1B265E4-D9DE-42FB-BF54-AE4CF846117A@vpnc.org> <5324ADED.4020705@network-heretics.com>
In-Reply-To: <5324ADED.4020705@network-heretics.com>
X-Enigmail-Version: 1.6
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="1n5sq4U77ErDgIB62scI5SqdAcce22MR5"
Archived-At: http://mailarchive.ietf.org/arch/msg/uta/PExttk_YS8BuPSEZagXEs4DoCMo
Subject: Re: [Uta] opportunistic keying / encryption considered of dubious value
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Mar 2014 01:28:53 -0000

On 03/15/2014 03:45 PM, Keith Moore wrote:
> On 03/15/2014 03:07 PM, Paul Hoffman wrote:
>> On Mar 15, 2014, at 11:43 AM, Watson Ladd <watsonbladd@gmail.com> wrote:
>>
>>> All DANE/TOFU/latching imply a commitment by both sides to maintain
>>> and manage identity.
>> A big +1 to Watson's simple explanation. DANE/TOFU/latching all
>> specify that if the initiator gets a key that is wrong, they will
>> prevent communication in order to protect the initiator.
 [...]
> I also think that if you're running a server that uses encryption, you
> should be regularly and frequently monitoring your certs, DNS records,
> etc. for validity and correctness.

Just to clarify, the work you're describing *is* the "commitment ... to
maintain and manage identity" that Watson and Paul are identifying as a
major barrier that has kept systems administrators from deploying strong
crypto.

This maintenance work is extra work that does not have to be done by a
server operator who only runs cleartext services.

Opportunistic keying (OK) also doesn't require this extra work.

OK doesn't replace or supplant encryption with properly authenticated
endpoints.  It replaces and supplants cleartext communications, while
placing no additional demands on system administrators.

Those administrators still really should move to proper strong crypto,
and software developers should produce tools with a sane UI/UX that can
minimize the hassle involved with ongoing cryptographic credential
maintenance work, to reduce the barrier that still remains.

	--dkg

v2.23.0 | Report a Bug | By Email