[hybi] Straw-poll on Masking options
Salvatore Loreto <salvatore.loreto@ericsson.com> Wed, 12 January 2011 19:58 UTC
Return-Path: <salvatore.loreto@ericsson.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ED6A03A69A4 for <hybi@core3.amsl.com>; Wed, 12 Jan 2011 11:58:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.537
X-Spam-Level:
X-Spam-Status: No, score=-106.537 tagged_above=-999 required=5 tests=[AWL=0.062, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C-E1HxY6j5g5 for <hybi@core3.amsl.com>; Wed, 12 Jan 2011 11:58:17 -0800 (PST)
Received: from mailgw10.se.ericsson.net (mailgw10.se.ericsson.net [193.180.251.61]) by core3.amsl.com (Postfix) with ESMTP id 549263A6A8B for <hybi@ietf.org>; Wed, 12 Jan 2011 11:58:17 -0800 (PST)
X-AuditID: c1b4fb3d-b7b89ae0000036a3-f2-4d2e0864aaf1
Received: from esessmw0197.eemea.ericsson.se (Unknown_Domain [153.88.253.125]) by mailgw10.se.ericsson.net (Symantec Mail Security) with SMTP id F4.7F.13987.4680E2D4; Wed, 12 Jan 2011 21:00:36 +0100 (CET)
Received: from mail.lmf.ericsson.se (153.88.115.8) by esessmw0197.eemea.ericsson.se (153.88.115.88) with Microsoft SMTP Server id 8.2.234.1; Wed, 12 Jan 2011 21:00:36 +0100
Received: from nomadiclab.lmf.ericsson.se (nomadiclab.lmf.ericsson.se [131.160.33.3]) by mail.lmf.ericsson.se (Postfix) with ESMTP id 4933C2533; Wed, 12 Jan 2011 22:00:36 +0200 (EET)
Received: from nomadiclab.lmf.ericsson.se (localhost [127.0.0.1]) by nomadiclab.lmf.ericsson.se (Postfix) with ESMTP id 1300C50573; Wed, 12 Jan 2011 22:00:36 +0200 (EET)
Received: from Salvatore-Loretos-MacBook-Pro.local (localhost [127.0.0.1]) by nomadiclab.lmf.ericsson.se (Postfix) with ESMTP id 7D1E350127; Wed, 12 Jan 2011 22:00:35 +0200 (EET)
Message-ID: <4D2E0863.2040804@ericsson.com>
Date: Wed, 12 Jan 2011 21:00:35 +0100
From: Salvatore Loreto <salvatore.loreto@ericsson.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7
MIME-Version: 1.0
To: "hybi@ietf.org" <hybi@ietf.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: ClamAV using ClamSMTP
X-Brightmail-Tracker: AAAAAA==
Cc: Joe Hildebrand <Joe.Hildebrand@webex.com>
Subject: [hybi] Straw-poll on Masking options
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Jan 2011 19:58:19 -0000
Hi all, Masking from the client to the server has reached strong consensus within this wg as a mechanism to reduce security risks. However there is disagreement on the actual method for masking. The technical differences, pro and cons, advantages and disadvantages, as well as the legal implications of each method have already been deeply discussed. In order to settle the question of masking and find a way forward that has a wide acceptance, Joe and I, as HyBi chairs, want to check where the consensus is on the following relevant options that have been discussed (and summarized at some point in the mailing list by Eric Rescorla) 1. a fixed mask carried entirely in the packet. 2. A longish repeated mask computed from the packet. For concreteness, suppose HMAC-SHA1(<uuid>, <server-conn-key> || <client-conn-key> || <packet-key>), but obviously there's flexibility here. 3. A fully generated mask (if so specify also what you would like to use e.g. AES-CTR or HMAC-SHA). Please indicate your preference(s) or the one can meet your bar for "I could live with that"; In the case you have more then one, please put the choices in a preference order. This poll will run until January 18th. cheers /Sal -- Salvatore Loreto www.sloreto.com
- Re: [hybi] Straw-poll on Masking options Willy Tarreau
- [hybi] Straw-poll on Masking options Salvatore Loreto
- Re: [hybi] Straw-poll on Masking options John Tamplin
- Re: [hybi] Straw-poll on Masking options James Graham
- Re: [hybi] Straw-poll on Masking options Adam Barth
- Re: [hybi] Straw-poll on Masking options Willy Tarreau
- Re: [hybi] Straw-poll on Masking options Willy Tarreau
- Re: [hybi] Straw-poll on Masking options Maciej Stachowiak
- Re: [hybi] Straw-poll on Masking options Maciej Stachowiak
- Re: [hybi] Straw-poll on Masking options Willy Tarreau
- Re: [hybi] Straw-poll on Masking options Dave Cridland
- Re: [hybi] Straw-poll on Masking options John Tamplin
- Re: [hybi] Straw-poll on Masking options Scott Ferguson
- Re: [hybi] Straw-poll on Masking options Willy Tarreau
- Re: [hybi] Straw-poll on Masking options Thomson, Martin
- Re: [hybi] Straw-poll on Masking options Eric Rescorla
- Re: [hybi] Straw-poll on Masking options John Tamplin
- Re: [hybi] Straw-poll on Masking options Bjoern Hoehrmann
- Re: [hybi] Straw-poll on Masking options Martin J. Dürst
- Re: [hybi] Straw-poll on Masking options Willy Tarreau
- Re: [hybi] Straw-poll on Masking options John Tamplin
- Re: [hybi] Straw-poll on Masking options Willy Tarreau
- Re: [hybi] Straw-poll on Masking options John Tamplin
- Re: [hybi] Straw-poll on Masking options Salvatore Loreto
- [hybi] MUX and masking (was Re: Straw-poll on Mas… Salvatore Loreto
- Re: [hybi] Straw-poll on Masking options Greg Wilkins
- Re: [hybi] Straw-poll on Masking options Julian Reschke
- Re: [hybi] Straw-poll on Masking options Daniel Stenberg
- Re: [hybi] Straw-poll on Masking options Jamie Lokier
- Re: [hybi] Straw-poll on Masking options Willy Tarreau
- Re: [hybi] Straw-poll on Masking options Greg Wilkins
- Re: [hybi] Straw-poll on Masking options Pat McManus @Mozilla
- Re: [hybi] Straw-poll on Masking options Tomas Franzén
- Re: [hybi] Straw-poll on Masking options Cedric Vivier
- Re: [hybi] Straw-poll on Masking options Joshua Bell
- Re: [hybi] Straw-poll on Masking options Bruce Atherton
- Re: [hybi] Straw-poll on Masking options Willy Tarreau
- Re: [hybi] Straw-poll on Masking options Roberto Peon
- Re: [hybi] Straw-poll on Masking options Maciej Stachowiak
- Re: [hybi] Straw-poll on Masking options Willy Tarreau
- Re: [hybi] Straw-poll on Masking options Willy Tarreau
- Re: [hybi] Straw-poll on Masking options Salvatore Loreto
- Re: [hybi] Straw-poll on Masking options Maciej Stachowiak
- Re: [hybi] Straw-poll on Masking options Joel Martin
- Re: [hybi] Straw-poll on Masking options Joel Martin
- Re: [hybi] Straw-poll on Masking options Maciej Stachowiak
- [hybi] Security doesn't end here (was: Re: Straw-… Bjoern Hoehrmann
- Re: [hybi] Straw-poll on Masking options Anthony Catel
- Re: [hybi] Straw-poll on Masking options Hervé COMMOWICK
- Re: [hybi] Straw-poll on Masking options Hervé COMMOWICK
- Re: [hybi] Straw-poll on Masking options Gabriel Montenegro
- [hybi] reminder: Straw-poll on Masking options Salvatore Loreto
- Re: [hybi] Straw-poll on Masking options Joonas Lehtolahti
- Re: [hybi] Straw-poll on Masking options Ian Fette (イアンフェッティ)
- Re: [hybi] Straw-poll on Masking options Gabriel Montenegro
- [hybi] CPU vs bandwidth (was Straw-poll on Maskin… Willy Tarreau
- Re: [hybi] Straw-poll on Masking options John Tamplin
- Re: [hybi] Straw-poll on Masking options Ian Fette (イアンフェッティ)
- Re: [hybi] Straw-poll on Masking options Senthilkumar Peelikkampatti
- Re: [hybi] CPU vs bandwidth (was Straw-poll on Ma… Ian Fette (イアンフェッティ)
- Re: [hybi] CPU vs bandwidth (was Straw-poll on Ma… Senthilkumar Peelikkampatti
- Re: [hybi] reminder: Straw-poll on Masking options Jamie Lokier
- Re: [hybi] Security doesn't end here (was: Re: St… Jamie Lokier
- Re: [hybi] CPU vs bandwidth (was Straw-poll on Ma… Ian Fette (イアンフェッティ)
- Re: [hybi] Straw-poll on Masking options Alakkad, Achuth (GE Healthcare)
- Re: [hybi] Straw-poll on Masking options Adam Barth
- Re: [hybi] Straw-poll on Masking options Jamie Lokier
- Re: [hybi] Straw-poll on Masking options Jamie Lokier