Peter Saint-Andre wrote:
This morning I had a short chat about end-to-end encryption with a former Unix kernel hacker, who said that as an IM user he (and people he chats with) would probably be happy enough if all the c2s and s2s channels were encrypted.
So I had a chat with someone about that idea today.I freely grant that not everyone trusts their server! This idea is for people who do. [1]
So let's say I trust my server. And I trust you. And you trust your server. (To whatever extent "trust" has meaning for me and for you.)
Given one hop from client to server and one hop from server to server, I would like to know three things:
1. If I have a TLS-encrypted connection to my server. 2. If my server has a TLS-encrypted connection to your server. 3. If you have a TLS-encrypted connection to your server.Right now I can know #1 but I can't know #2 and #3. It would be nice to have a way to discover that.
Presumably I can query my server about its connection to your server. My query and my server's reply happen over a TLS-encrypted channel so it can't be tampered with. If I trust my server and it has some trust relationship with your server (common root CA or whatever), then I am two-thirds of the way there.
I can query you about your connection to your server but I can't trust that because it is possible that you don't have an encrypted channel to your server, so someone ("Eve") could fake "your" response and tell me that your connection to your server is encrypted when it is not.
Is there a way for my server to ask your server if your connection to your server is encrypted?
If so, this would enable me to feel my way along the hops. I know my hop to my server is encrypted. I ask my server about its connection to your server. My server asks your server about its connection to you. If all three come back "Check! TLS enabled!" then I at least have confidence that there is no eavesdropper along the chain.
Naturally there still might be Ivan and Justin and all the rest lurking among the servers, your device might have a keystroke logger installed, you might be logging our conversation into plaintext logs or an IRC channel somewhere or whatever. But if we could at least know with some level of assurance and trust that all the hops are encrypted, we would be farther along than we are today. This might provide some level of assurance to Aunt Tillie and Joe User while we wait for ESessions or XTLS or whatever to be widely deployed. And it might be enough for some environments (supply chains, internal corporate deployments with multiple servers, military applications on the SIPRnet, etc.).
Thoughts? /psa[1] Who could that possibly be? Well, I for one trust my server because I'm the server admin. You may not trust that server as much because you don't necessarily trust me, you don't think I'm competent, you don't know if I'm the only server admin, etc. Or you may work for the US Marines and you have no choice of server provider and you simply trust that your superiors are doing the right thing. Whatever the scenario, you trust your server (as much as it can be trusted or as much as you think that's worth).
smime.p7s
Description: S/MIME Cryptographic Signature
