Re: [babel] Secdir last call review of draft-ietf-babel-rtt-extension-04

Juliusz Chroboczek <jch@irif.fr> Tue, 10 October 2023 20:57 UTC

Date: Tue, 10 Oct 2023 22:57:07 +0200
Message-ID: <87cyxm42n0.wl-jch@irif.fr>
From: Juliusz Chroboczek <jch@irif.fr>
To: David Schinazi <dschinazi.ietf@gmail.com>
Cc: Shivan Kaul Sahib <shivankaulsahib@gmail.com>, secdir@ietf.org, babel@ietf.org, draft-ietf-babel-rtt-extension.all@ietf.org, last-call@ietf.org
In-Reply-To: <CAPDSy+6cRezEKKEuLhZekY8rmG0=aDm_JtGkooWaaExaefOPRg@mail.gmail.com>
References: <169690561656.636.8204474299201117349@ietfa.amsl.com> <87bkd6ztdk.wl-jch@irif.fr> <CAG3f7MjdVbd9F9n1tEfnxdiEg2TZG=rtDBojgaSZTQEcbsEPyw@mail.gmail.com> <CAPDSy+6cRezEKKEuLhZekY8rmG0=aDm_JtGkooWaaExaefOPRg@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/jsKVfb_0afMZkz1grK3VGoQzvKE>
Subject: Re: [babel] Secdir last call review of draft-ietf-babel-rtt-extension-04

> I'll also note that routing protocol nodes are often border routers that have
> privacy properties more similar to a web server than to a web client.

Uh-huh.  I could be wrong, but I think that Shivan is merely requesting
that we should mention the issue somewhere.  Which I agree with.

> A good solution here would be to add a note that clarifies this and
> warns against deploying Babel RTT unencrypted on devices whose network
> location is privacy-sensitive.

I'm not sure if encrypting the Babel control traffic solves the problem.
Even if the data is encrypted, it is still communicated to the other Babel
nodes in the network, who might or might not be trusted to learn your
location.

Claiming that encryption solves the problem would be a little bit like
insisting that all HTTP traffic be encrypted while at the same time
providing a mobile OS that shares your private data with Google.

(Cheap shot, I know.)

-- Juliusz