ietf
[Top] [All Lists]

Re: [perpass] comments and questions for the group on draft-farrell-perpass-attack-02

2013-12-09 15:10:59
On Mon, Dec 9, 2013 at 7:47 PM, Eliot Lear <lear(_at_)cisco(_dot_)com> wrote:

So back to our example: would transparent/intercepting proxies be
something you bounced back if the working group decided to allow them
after due consideration?  I ask because that is still a possible outcome.


In order to avoid any possibility of intercept in many systems, you need to
use full end-to-end encryption, where the ends are "here" and "eternity"
respectively.

I'm not sure there's any way of preventing a transparent proxy when the end
users desire it, for that matter, but they might well end up having to
entirely break their own security in doing so.

As such, I would expect (and hope) that rather than forcing cases to use
nasty things like "magic CA" TLS MITM proxies where the provider has to, by
necessity, MITM *all* data, we'd acknowledge that there exist some
use-cases where no mitigation is possible, and any heavy-handed approaches
to mitigation may prove worse in those cases than no mitigation at all.

I've currently got visions of a private key painstakingly written out onto
a post-it note on the side of the monitor.

Dave.
<Prev in Thread] Current Thread [Next in Thread>