Re: [Apn] Further revised draft Charter

Donald Eastlake <d3e3e3@gmail.com> Fri, 20 January 2023 17:05 UTC

From: Donald Eastlake <d3e3e3@gmail.com>
Date: Fri, 20 Jan 2023 12:05:08 -0500
Message-ID: <CAF4+nEGdhjha17DDs7X3s+HDu9sC6RH37=TZdhF9-fhvZ4k82Q@mail.gmail.com>
To: adrian@olddog.co.uk
Cc: apn@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/apn/7_Zr6ILQfOi1M9AH7DAigF2FdTo>
Subject: Re: [Apn] Further revised draft Charter
List-Id: Application-aware Networking <apn.ietf.org>

Certainly there is privacy and security work to be done. What I
objected to is what appeared to me to be an assertion that every
provider and enterprise network link is always being surveilled by
possibly malign outside observers. But that happens sometimes, which is
another reason for taking into account privacy and security concerns.

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 2386 Panoramic Circle, Apopka, FL 32703 USA
 d3e3e3@gmail.com

On Fri, Jan 20, 2023 at 5:41 AM Adrian Farrel <adrian@olddog.co.uk> wrote:
>
> Ted, you beat me to it.
>
> Yes, the whole point of “exposure” is not that it is being wilfully displayed, but that an attacker (who finds a way of viewing or copying traffic) can see every non-encrypted field in every packet (on a link or at a node).
>
> While enterprise networks may consider themselves better protected than service provider networks (where the links are in public spaces), it turns out that enterprises are similarly vulnerable, partly because their traffic may be more valuable.
>
> A
>
> From: Ted Hardie <ted.ietf@gmail.com>
> Sent: 20 January 2023 08:54
> To: Donald Eastlake <d3e3e3@gmail.com>
> Cc: adrian@olddog.co.uk; apn@ietf.org
> Subject: Re: [Apn] Further revised draft Charter
>
> Hi Donald,
>
> On Fri, Jan 20, 2023 at 6:05 AM Donald Eastlake <d3e3e3@gmail.com> wrote:
>
> The use of the APNET Field inside an APNET network domain would not
> generally expose it to "outside observers" unless all the traffic in
> the domain was so exposed
>
> I agree with the statement above and disagree with the statement below.  I think you're entirely right to say that the field would only be exposed if the network traffic were generally exposed.  On the other hand, the lesson of pervasive surveillance is and was that the amount of traffic being hoovered up is always more than you think.  Presuming it will be available to an attacker is a far safer assumption than assuming that this is rare.  Certainly I would expect the security considerations to presume that such attackers were within the threat model.
>
> regards,
>
> Ted Hardie
>
> which I think is something that would rarely
> happen rather than "necessarily" happen. But some more could be said
> about privacy and security
>