Re: [TLS] Asymmetric TLS

2016-04-05 Thread Rick van Rein
Hello Phil, > I have a use-case for allowing an MITM to monitor traffic, but not > impersonate a server, and to allow MITM signing for replay of > server-responses to support caching. > This sounds like attack monitoring (going beyond DoS for which SNI frequencies might already be helpful). This

Re: [TLS] Asymmetric TLS

2016-04-05 Thread Sniffen, Brian
I suspect the right place to do this is not at the TLS layer. As Bill said: do it with two TLS sessions, and then provide authenticated, cacheable objects. The sub-resource-integrity system tried to achieve that, and seems to get pretty close. -Brian > On Apr 4,

Re: [TLS] Asymmetric TLS

2016-04-05 Thread Bill Frantz
To avoid a lot of "Over my dead body" comments, these requirements should be met with a very visible man in the middle and two (or more) TLS sessions. This architecture should provide some security from unwanted men in the middle, as well as making it obvious to the endpoints who that man in th

Re: [TLS] Asymmetric TLS

2016-04-05 Thread Stephen Farrell
On 05/04/16 18:29, Sean Turner wrote: > But, what I will say as chair is that this would most definitely > require a charter change for the WG. FYI: you'd also have to climb over an AD-dead-body to get that. S. smime.p7s Description: S/MIME Cryptographic Signature ___

Re: [TLS] Asymmetric TLS

2016-04-05 Thread Sean Turner
With my chair hat on, I won’t comment one way or the other on whether this should be done, but we have gone down this path before. As I recall, the proposal was pretty resoundingly rejected. But, what I will say as chair is that this would most definitely require a charter change for the WG.

Re: [TLS] Asymmetric TLS

2016-04-05 Thread Salz, Rich
On 4 April 2016 at 14:24, Phil Lello wrote: > Would there be interest in extending TLS to: > - allow monitoring-with-consent (based on asymmetric encryption)? > - allow re-signing from an authorised MITM to support caching? This is very bad; no. __

Re: [TLS] Asymmetric TLS

2016-04-04 Thread Eric Rescorla
Let's not do this. See https://www.ietf.org/mail-archive/web/tls/current/msg19347.html for an alternative design for this that does not require weakening TLS. -Ekr On Mon, Apr 4, 2016 at 2:24 PM, Phil Lello wrote: > Hi, > > I have a use-case for allowing an MITM to monitor traffic, but not >

Re: [TLS] Asymmetric TLS

2016-04-04 Thread Martin Thomson
On 4 April 2016 at 14:24, Phil Lello wrote: > Would there be interest in extending TLS to: > - allow monitoring-with-consent (based on asymmetric encryption)? > - allow re-signing from an authorised MITM to support caching? no ___ TLS mailing list