IETF Logo Mail Archive

Re: [Uta] opportunistic keying / encryption considered of dubious value

Leif Johansson <leifj@mnt.se> Sun, 16 March 2014 14:01 UTC

Return-Path: <leifj@mnt.se>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9E22A1A01F2 for <uta@ietfa.amsl.com>; Sun, 16 Mar 2014 07:01:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id znzoDinfNEBP for <uta@ietfa.amsl.com>; Sun, 16 Mar 2014 07:01:37 -0700 (PDT)
Received: from mail-lb0-f169.google.com (mail-lb0-f169.google.com [209.85.217.169]) by ietfa.amsl.com (Postfix) with ESMTP id B99441A0125 for <uta@ietf.org>; Sun, 16 Mar 2014 07:01:36 -0700 (PDT)
Received: by mail-lb0-f169.google.com with SMTP id q8so3062268lbi.28 for <uta@ietf.org>; Sun, 16 Mar 2014 07:01:28 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=Eeu/vFI+tYqo2UtDLqea2Pzd8J11HUX2Bm1iKRG4DSI=; b=Tb4A61SjzqRL7j4ZcJa9B8bmPvHV0Jc+1kzBd4MaeMAegSoMQ82QEXUQX8tShCJI22 RFHw641lmXo90J1JSMivtyKcc5zxNNsXIaB/1VDUnPHFpKn+U2RGK6UG9r4xf7VVWoMP bDCZD0wAXSr7GO2iqm7O/Qxdn6C9e53EiBc3x2R7+LZtDCmSOhyIenDNip+6pLY18MI9 pxbGJWA4YZI5OGFFr33TqM5PfHMT1EyGy8RMEVIWTUAO8HDD7Pr0I/iUNfSkgUVuIB8V jQUn2ynCwiiQStaWrllF7U698gX2EeAEinJFrAgVKHu+iXELGS3ZeoEXXZ93a76RxdiX oKbA==
X-Gm-Message-State: ALoCoQnt7ay2d/fqRL962ISGdR+re8fTKZcLz6WeILJ/PoCu/3gE/a8cBzSz+NcLW94i6nM8e53a
X-Received: by 10.152.170.202 with SMTP id ao10mr129142lac.46.1394978488494; Sun, 16 Mar 2014 07:01:28 -0700 (PDT)
Received: from [10.0.0.115] (tb62-102-145-131.cust.teknikbyran.com. [62.102.145.131]) by mx.google.com with ESMTPSA id ml10sm2986300lbc.29.2014.03.16.07.01.21 for <uta@ietf.org> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sun, 16 Mar 2014 07:01:26 -0700 (PDT)
Message-ID: <5325AEB2.9070804@mnt.se>
Date: Sun, 16 Mar 2014 15:01:22 +0100
From: Leif Johansson <leifj@mnt.se>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: uta@ietf.org
References: <53249D4E.2080104@network-heretics.com> <5324ECFC.2050004@akr.io> <53256D07.7020005@network-heretics.com>
In-Reply-To: <53256D07.7020005@network-heretics.com>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/uta/yGwZIM10XkRs40cRznUIqjqIUig
Subject: Re: [Uta] opportunistic keying / encryption considered of dubious value
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Mar 2014 14:01:38 -0000

On 2014-03-16 10:21, Keith Moore wrote:
> On 03/15/2014 08:14 PM, Alyssa Rowan wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA512
>>
>> On 15/03/2014 18:34, Keith Moore wrote:
>>
>>> I wonder whether it's worth the effort for us to specify, and for
>>> implementors to implement, uses of TLS that only provide encryption
>>> which is easily defeated by man in the middle attacks.
>> Yes.
>>
>> HTTP/2 (and other protocols) need it as their new baseline instead of
>> cleartext. It should never be presented as secure (https:), but it
>> defeats passive content analysis/manipulation. That is critical to
>> defeating deployed pervasive surveillance.
> Maybe I should have made my question a bit clearer.   My concern is that
> we'll go to the effort to specify, and implementors will go to the
> effort to implement, measures that only provide protection against
> passive eavesdropping.   Then MITM attacks will become more common, and
> we'll have squandered our opportunity to thwart them.

Speaking as an individual...

You seem to be assuming that it is possible to "just switch to MITM". I
believe there is evidence to suggest that active MITM attacks are either
targeted and expensive or pervasive and hilariously, possibly
prohibitively expensive.

I think that the point of the exercise: dramatically increase the cost
of pervasive attacks on the system so that a real cost/benefit analysis
has to be made before investing in them.

	Cheers Leif

v2.23.0 | Report a Bug | By Email