On Mon, Jul 17, 2017 at 10:23 AM, Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu> wrote:

> And why are you unable to understand that in the case of an additional layer of attacker-generated crypto nestled within a TLS tunnel, as you posited, that the ability to simply detect the presence of such an additional layer of unexpected crypto, even without the ability to immediately decrypt it, has substantial value in a security context?
>
> It may, or it may not – depending on the sophistication of your adversary. It is not given that you’d be able to “simply detect the presence of an additional crypto layer”, particularly if measures are taken to hide it.

+1. For example, Rule of 2 in Fishbowl encryption: https://en.wikipedia.org/wiki/Multiple_encryption. And since WebCrypto is [mostly] standardized, sometimes it will happen as JavaScript is encryption applied to the protected stream that inadvertently gets TLS encryption applied. It's just a matter of time before it trickles into components like RabbitMQ.

Jeff

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls