On Mon, Mar 19, 2018 at 01:23:30PM +0000, Yoav Nir wrote:
> Hi, Daniel
> 
> Inline...
> 
> > On 19 Mar 2018, at 7:32, Daniel Kahn Gillmor <d...@fifthhorseman.net> wrote:
> > 
> > 
> > So if this technology were deployed on a network where not all parties
> > are mutually trusting, it would offer network users a choice between
> > surveillance by the network on the one hand (opt-in) and censorship on
> > the other (opt-out and be blocked).  Is that right?
> 
> I see it a little differently. Your computer or my computer, both of which 
> are not configured to opt-in, should not be on such networks. In the 
> corporate world, there could be a production network that enforces this and 
> has access to corporate resources. There will usually also be a “guest” 
> network with unfiltered connectivity, but no access to internal databases. 
> This is where visitors go, but also where employee phones connect.
> 
> Of course the government of Elbonia might require all networks to have this 
> feature, and then you’ll have to decide if you want to configure your laptop 
> to opt-in.  I would prefer to stay off-line while I’m in Elbonia in that case.
> 
> > Designing mechanism for the Internet that allows/facilitates/encourages
> > the network operator to force this choice on the user seems problematic.
> > Why do we want this for a protocol like TLS that is intended to be used
> > across potentially adversarial networks?
> 
> This is for hosts using a network owned by the same entity that owns the hosts. 
> When such hosts communicate outside this network, it’s for the leg of the 
> connection that is within this network. I don’t see any use for it across an 
> adversarial network.  If you trust it enough to give it your keys, it’s not 
> adversarial.

If the network is actually trusted, then there is no need for
transport encryption at all.  So, whether due to real risk or risk
perceived by compliance regimes, the network must be considered to
potentially be adversarial.  Perhaps this could be rephrased as "the
intended network is operated by a trusted entity", but is the
network authenticated?  With an attacker potentially in play, is the
network compromised?  It's hardly a home run to blithely claim that
the network is trusted, without further exposition.

-Ben

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
