Hi Ben, Mark,

On 09/17/2013 05:15 PM, Ben Laurie wrote:
> On 17 September 2013 13:17, Mark Handley <[email protected]> wrote:
>>
>> On Tue, Sep 17, 2013, at 04:40 AM, Scott Brim wrote:
>>
>> With the entire web moving to UDP and QUIC, tcpcrypt isn't nearly so
>> interesting.
>>
>> QUIC is pretty interesting as a protocol and does a lot of things that TCP
>> should have evolved to do.  From a security point of view, if I understand
>> the design documents correctly, it's really a drop-in replacement for
>> TLS/TCP.  Thus it seems to suffer from the same issues TLS does - not
>> enabled sufficiently frequently (you can argue about why, but we've been
>> doing that for a very long time), and dependence on the CA infrastructure.
>> Thus it seems likely to be mostly deployed in places that already do TLS.
>>
>> QUIC could, of course, take the same approach as tcpcrypt.  Do encryption by
>> default using ephemeral public keys, even with no configuration, but provide
>> the hooks to enable various forms of authentication.  From what I've read,
>> it doesn't seem to do that.  Please correct me if I misunderstood though.
> 
> You are right, but there's no reason not to extend QUIC to do
> ephemeral encryption. That wasn't the use case we were thinking about
> when we designed it.
> 
> Seems like a useful thing for the IETF to consider.

So does someone have some concrete next steps in this master
plan? (Which sounds interesting to me at least.)

Maybe make a proposal to the tcpm wg to adopt tcpcrypt,
examine tcpcrypt as an approach for mptcp and then start
on a QUIC-with-similar-crypto or something?

If it's too early for that last step, is someone gonna
propose one or both of the others?

Or something else?

This being the IETF, someone needs to push it along or
nothing will happen.

Cheers,
S.
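A toy model of the approach Mark describes above (encryption by default from ephemeral public keys, with a hook for layering authentication on afterwards), added here as an illustration. This is not tcpcrypt, QUIC or any code from the projects discussed; the Diffie-Hellman modulus, the endpoint class, the session-ID derivation and the pre-shared-key authentication step are all constructed for the example. It shows why the unauthenticated exchange alone defeats passive capture but not an active man-in-the-middle, and how a session identifier derived from the exchange lets a separate authentication step detect the latter.

```python
"""Opportunistic encryption sketch: every connection runs a fresh ephemeral
Diffie-Hellman exchange with no configuration and no CA, and exposes a
per-session identifier that an optional authentication layer can bind to an
identity later.  Added illustration only, not tcpcrypt or QUIC code; the
group parameters are a constructed toy, not a secure choice.
"""
import hashlib
import hmac
import secrets

# Constructed toy parameters: 2**127 - 1 is prime, but this group is far too
# small for real use; a deployment would use X25519 or an RFC 7919 group.
TOY_P = (1 << 127) - 1
TOY_G = 3


def kdf(secret: bytes, info: bytes, length: int = 32) -> bytes:
    """HMAC-SHA256 extract-then-expand (single-block HKDF shape)."""
    prk = hmac.new(b"", secret, hashlib.sha256).digest()
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()[:length]


class Endpoint:
    """One side of a connection; each instance holds a fresh ephemeral key."""

    def __init__(self, name: str):
        self.name = name
        self.priv = secrets.randbelow(TOY_P - 2) + 1      # 1 .. p-2
        self.pub = pow(TOY_G, self.priv, TOY_P)
        self.session_key = None
        self.session_id = None

    def complete(self, peer_pub: int, transcript: bytes) -> None:
        shared = pow(peer_pub, self.priv, TOY_P).to_bytes(16, "big")
        # The key encrypts traffic; the session ID is a distinct value that is
        # safe to hand to an authentication layer (it does not reveal the key).
        self.session_key = kdf(shared, b"key|" + transcript)
        self.session_id = kdf(shared, b"sid|" + transcript)


def handshake(a: Endpoint, b: Endpoint) -> None:
    """Direct exchange: both sides bind the same public values into the transcript."""
    transcript = a.pub.to_bytes(16, "big") + b.pub.to_bytes(16, "big")
    a.complete(b.pub, transcript)
    b.complete(a.pub, transcript)


def handshake_via_mitm(a: Endpoint, b: Endpoint) -> None:
    """Active interception: the attacker runs two independent exchanges, so A and B
    end up with different keys and different session IDs."""
    m_a, m_b = Endpoint("mitm-facing-a"), Endpoint("mitm-facing-b")
    handshake(a, m_a)
    handshake(m_b, b)


def authenticate(a: Endpoint, b: Endpoint, psk: bytes) -> bool:
    """Optional authentication hook (constructed): each side proves its own
    session ID under a pre-shared key, standing in for a signature or any other
    identity mechanism.  The unauthenticated exchange stops passive capture;
    this step is what catches an active man-in-the-middle."""
    tag_a = hmac.new(psk, b"A|" + a.session_id, hashlib.sha256).digest()
    tag_b = hmac.new(psk, b"B|" + b.session_id, hashlib.sha256).digest()
    # Each side recomputes the peer's tag over ITS OWN view of the session ID.
    want_a = hmac.new(psk, b"A|" + b.session_id, hashlib.sha256).digest()
    want_b = hmac.new(psk, b"B|" + a.session_id, hashlib.sha256).digest()
    return hmac.compare_digest(tag_a, want_a) and hmac.compare_digest(tag_b, want_b)


def direct_session():
    a, b = Endpoint("client"), Endpoint("server")
    handshake(a, b)
    return a, b


def intercepted_session():
    a, b = Endpoint("client"), Endpoint("server")
    handshake_via_mitm(a, b)
    return a, b


if __name__ == "__main__":
    psk = b"constructed-demo-psk"
    a, b = direct_session()
    print("direct: keys match =", a.session_key == b.session_key,
          "| auth =", authenticate(a, b, psk))
    a, b = intercepted_session()
    print("mitm:   keys match =", a.session_key == b.session_key,
          "| auth =", authenticate(a, b, psk))
```

The point of splitting `session_key` from `session_id` is the one the thread is circling: the encrypted channel comes up with zero configuration, and any later authentication (a signature, a PSK, a CA-issued certificate) only needs to cover the short session ID rather than redo the key exchange.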

_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
