Well, exactly. It seems like the following have equivalent security properties:
- Shipping out each session's keys as lines in SSLKEYLOGFILE over an ECDHE TLS connection - Shipping out each session's keys as an ECIES-encrypted package carried in a TLS extension Either way, you're doing a DH with the key recipient's public key and using that to encrypt the keys. On Thu, Mar 15, 2018 at 6:42 PM, Salz, Rich <[email protected]> wrote: > I think if we ship the keys over some kind of secure socket layer we > should be okay, right? > > > > > > *From: *Yoav Nir <[email protected]> > *Date: *Thursday, March 15, 2018 at 6:41 PM > *To: *Richard Barnes <[email protected]> > *Cc: *Rich Salz <[email protected]>, Hubert Kario <[email protected]>, " > [email protected]" <[email protected]> > *Subject: *Re: [TLS] TLS interception technologies that can be used with > TLS 1.3 > > > > IIUC not quite. There is an API, so the application that uses the library > can get the keys. The application can then save it to a file, send it to a > central repository, send it to the government, or whatever else it might > want to do. > > > > There is no built-in setting where OpenSSL writes the keys to a file, nor > do applications such as web servers do this AFAIK. > > > > It should not be difficult to write, but is not provided in off-the-shelf > software. > > > > Making the library send this in-band in some protocol extension is a far > bigger endeavor. It’s also a dangerous switch to leave lying around. > > > > On 16 Mar 2018, at 0:16, Richard Barnes <[email protected]> wrote: > > > > Just to confirm that I understand the scope of the discussion here: > > > > - TLS libraries have facilities to export keys from the library > > - Obviously, it's possible to ship these exported keys elsewhere (`tail -f > $SSLKEYLOGFILE | nc $LOGBOX`) > > > > So all we're really talking about is whether to define a way to do the > shipment of the exported keys in-band to the TLS session. > > > > > > On Thu, Mar 15, 2018 at 3:05 PM, Salz, Rich <[email protected]> wrote: > > This is what OpenSSL provides: > https://www.openssl.org/docs/manmaster/man3/SSL_CTX_get_ > keylog_callback.html > > > > _______________________________________________ > TLS mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/tls > > > > >
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
