TLS or Not for CEMA
Eric Burger <eburger <at> standardstrack.com>
2011-08-22 16:37:37 GMT
The CEMA draft, the latest incarnation of session matching, is almost ready for submission. As you may
recall from the list and live discussion in Quebec City (archived and minuted), the point of CEMA is not to
make life easy for middleboxes. The point is to make it *possible* for end-to-end encryption to occur in
the common topology where there happen to be middleboxes. A side effect is life is a lot easier for
middleboxes, which one could consider the carrot to get the middlebox manufacturers and service
providers to adopt CEMA, is it makes life easier for them.
Because the purpose of CEMA is enabling end-to-end encryption, there has been some debate as to whether,
when two CEMA-endpoints are negotiating, TLS is mandatory or optional.
On the optional side are the following arguments:
o TLS consumes resources, more so than TCP
o TLS requires certificates in the end point
o Non-CEMA endpoints have only a MAY requirement for TLS, and thus few if any implement TLS
o TLS does not provide bullet-proof security, due to vulnerabilities from self-signed certificates or
alternate root certificate hijacking
On the mandatory side are the following arguments:
o While TLS consumes resources, most mobile devices have more than enough compute and battery resources to
o TLS does not impact middleboxes whatsoever
o The primary market for CEMA initially is 3GPP IMS. In 3GPP IMS, all endpoints have rooted, trusted certificates.