Hi Tony, First of all EC Resolution is not a legal document, it's a legal initiative. The resolution is a "call for action" but not an action per se - there's no legal consequence other than it is possible to bring this initiative now to european parliament. Second - any member of any security body, be them management or common member, should raise similar concerns as Stephen as to why on earth I should support [unvoluntary, with my taxes] the initiative to degrade the level of my confidentiality .
The resolution raised the similar discusision in non-security groups - such as this https://www.europarl.europa.eu/doceo/document/P-9-2020-006076_EN.html - and I would expect IETF to raise such questions in the first place before even starting technical discussion on the subject - which is raised by Stephen. Although I agree the tone might be tuned to be more inviting for discussion I personally do no see anything to discuss, such requirement [visibility to third party] simply cannot be made part of the protocol which claims to provide confidentiality. It must be separate protocol then which does not put such claim. Regards, Ruslan Am Mittwoch, dem 29.09.2021 um 18:21 -0400 schrieb Tony Rutkowski: > Hiya, > Assuming you live in the EU, your assertion is not accurate. In > November of last year, the European Council adopted a EU wide > Resolution on Encryption. See at > https://data.consilium.europa.eu/doc/document/ST-13084-2020-REV-1/en/pdf > Clause 6 establishes a regulatory framework, and clause 7 calls for > the same kind of development activity being undertaken by the NCCoE - > which is ensuing in multiple venues, including ETSI. > Worth notice are the use cases discussed at the related workshop last > September in which IETF representatives participated. > Seehttps://www.nccoe.nist.gov/events/virtual-workshop-challenges-compliance-operations-and-security-tls-13 > . > Perhaps there is another jurisdiction somewhere in the world that > might be absolute in their commitment to extreme IETF TLS 1.3 > implementations, although its existence is not clear. Historically, > in the late 80s and early 90s, the IETF was more helpful in > implementing the early TLS protocols eventually adopted by ISO/CCITT > without extreme rhetoric. See > athttps://www.nist.gov/publications/secure-data-network-system-sdns-network-transport-and-message-security-protocols > Inquiring minds might also ask if such a posting to this list is > appropriate for anyone involved in IETF management. > best, > tony > > On 28-Sep-21 5:32 PM, Stephen Farrell wrote: > > > > > Hiya, > > > > On 28/09/2021 17:53, Salz, Rich wrote: > > > > > This will be of interest to some on this list. Quoting: “The > > > NCCoE > > > at NIST recognizes the challenges associated with compliance, > > > operations, and security when enterprises employ encrypted > > > protocols, > > > in particular Transport Layer Security (TLS) 1.3, in their data > > > centers. This project will use commercially available > > > technologies to > > > demonstrate a range of approaches for enabling necessary > > > intra-enterprise access to unencrypted/decrypted information. > > > > I'm glad I'm not a tax payer in a jurisdiction that's > > encouraging people to weaken the security properties this > > WG has tried hard to improve. I wonder do other parts of > > NIST sponsor work like that - it'd be a bit like [1] > > producing specs on how to get your thumb on the scales;-) > > > > From my perspective this kind of thing also makes it harder > > to figure out what overall evaluation to associate with the > > agency that produced AES, dual-ec, this stuff, and presumably > > some PQ alg "winners" in the near future. Quite the mixed > > bag that. > > > > Cheers, > > S. > > > > [1] https://www.nist.gov/pml/weights-and-measures > > > > > > > > > > > > > More at > > > https://www.nccoe.nist.gov/projects/building-blocks/applied-cryptography/addressing-visibility-challenges-tls-13 > > > > > > including how to participate. > > > > > > > > > _______________________________________________ TLS mailing list > > > TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls > > > > > > > > > _______________________________________________ > > TLS mailing list > > TLS@ietf.org > > https://www.ietf.org/mailman/listinfo/tls > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
