+1
On Tue, Jul 3, 2018 at 12:08 PM Bret Jordan <jordan.i...@gmail.com> wrote: > From a discussion on the PATIENT list found here: > https://www.ietf.org/mail-archive/web/patient/current/msg00078.html > > > From my personal perspective, we need to be careful with all of these > efforts. It feels like the pendulum has swung so far to one side, the side > of privacy-at-any-cost, that we are unknowingly increasing the risk to > individuals and organizations by enabling threat actors and intrusions sets > to attack networks and clients without any level of protection from the > network. > > It also feels like a lot of these initiatives are being done without > adequately involving and ensuring that enterprise networks and critical > infrastructure can work with these changes. Question, do we know how these > ideas and changes are going to impact an organizations ability to fulfill > their requirements for regulatory compliance? > > If we continue down these paths, then I fear networks will be required to > wrap all traffic in some other less secure protocol, outright deny some of > these protocols, or be forced to fully proxy all traffic or take an > approach that Google has done with their BeyondCorp design. > > The IETF work needs to do more outreach with enterprise networks and > critical infrastructure and be fundamentally more inclusive. > Privacy-at-any-cost is not a holistic design. > > Thanks, > Bret > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing that > can not be unscrambled is an egg." > > > > ### Copied content from the PATIENT discussion #### > > > On Tue, Jul 3, 2018 at 8:09 AM, Kathleen Moriarty <kathleen.moriarty.ietf > at gmail.com> wrote: > >> On Sun, Mar 18, 2018 at 9:06 AM, Eric Rescorla <ekr at rtfm.com> wrote: >> > >> > >> > On Sun, Mar 18, 2018 at 12:54 PM, Tony Rutkowski <tony at yaanatech.co >> ..uk> >> > wrote: >> >> >> >> Your point is one that deserves further discussion, Eric - which seems >> >> likely to scale rapidly going forward. It is key. >> >> >> >> So how does draft-ietf-tls-sni-encryption it into the argument? >> > >> > >> > As you suggest, SNI encryption is intended to conceal the SNI, which of >> > course would make SNI inspection difficult. >> > >> > My evaluation of the current state of SNI encryption is that given the >> > current technical state, it will not see particularly wide deployment, >> with >> > the primary scenario being "at-risk" sites who are subject to >> censorship who >> > either hide behind or co-tenant with sites which are not subject to >> > censorship. That probably isn't going to be incredibly common right >> now. Of >> > course, this is regrettable from the perspective of people designing >> these >> > protocols, but I think that's the situation. >> >> EKR posted a draft to encrypt SNI, see: >> https://www.ietf.org/mail-archive/web/tls/current/msg26468.html >> >> It targets the CDNs who host most of the web traffic in the US at >> least. The right place to comment on this would be the TLS list of >> course, but since proposals are being posted, this is a reality and >> needs to be discussed. Those using SNI need to make sure their use >> cases are clear and understood and argue the pros and cons. >> > > Kathleen, > > Thanks for pointing out this draft. > > As they say, predictions are hard, especially about the future. In March, > the ESNI problem looked pretty intractable and then subsequently we had > this idea about why it might be workable. > > -Ekr > > Best regards, >> Kathleen >> >> > >> > -Ekr >> > >> >> On 18-Mar-18 8:45 AM, Eric Rescorla wrote: >> >> >> >> On Sun, Mar 18, 2018 at 12:30 PM, Tony Rutkowski <tony at >> yaanatech.co.uk> >> >> wrote: >> >>> >> >>> Hi Diego, >> >>> >> >>> It is also worth referencing a relatively recent Lawfare article on >> the >> >>> scaling litigation in the U.S. against those supporting e2e encryption >> >>> services or capabilities. >> >>> >> >>> >> https://www.lawfareblog.com/did-congress-immunize-twitter-against-lawsuits-supporting-isis >> >>> >> >>> This litigation trend is also likely to increase the insurance costs >> of >> >>> providers. Indeed, a provider that supports TLS1.3, QUIC, SNI, etc, >> may not >> >>> even be able to get insurance. It may be fun and games to play >> crypto rebel >> >>> in venues like the IETF where the risk exposure is minimal, but when >> it >> >>> comes to real world consequences and costs, the equations for >> providers are >> >>> rather different. >> >> >> >> >> >> I think this rather overestimates the degree to which both TLS 1.3 and >> >> QUIC change the equation about what a provider is able to determine >> from >> >> traffic inspection. As a practical matter, the primary change from TLS >> 1.2 >> >> is that the provider does not get to see the server's certificate, but >> it >> >> does see the SNI. Given that the SNI contains the identity of the >> server >> >> that the client is connected to and that the other identities in the >> >> certificate are often whatever the provider decided to co-locate on >> the same >> >> machine, I'm not sure how much information you are really losing. >> >> >> >> -Ekr >> >> >> >>> >> >>> >> >>> >> >>> --tony >> >>> >> >>> >> >>> _______________________________________________ >> >>> PATIENT mailing list >> >>> PATIENT at ietf.org >> >>> https://www.ietf.org/mailman/listinfo/patient >> >> >> >> >> >> >> >> >> >> _______________________________________________ >> >> PATIENT mailing list >> >> PATIENT at ietf.org >> >> https://www.ietf.org/mailman/listinfo/patient >> >> >> >> >> > >> > >> > _______________________________________________ >> > PATIENT mailing list >> > PATIENT at ietf.org >> > https://www.ietf.org/mailman/listinfo/patient >> > >> >> >> >> -- >> >> Best regards, >> Kathleen >> > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
