[Cfrg] CFRG and thwarting pervasive montoring

Paul Hoffman <paul.hoffman@vpnc.org> Sun, 29 December 2013 21:12 UTC

Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 7409C1AE2AD for <cfrg@ietfa.amsl.com>; Sun, 29 Dec 2013 13:12:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.347
X-Spam-Status: No, score=-1.347 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_MISMATCH_COM=0.553] autolearn=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id p0375LgW-gFp for <cfrg@ietfa.amsl.com>; Sun, 29 Dec 2013 13:12:49 -0800 (PST)
Received: from hoffman.proper.com (IPv6.Hoffman.Proper.COM [IPv6:2605:8e00:100:41::81]) by ietfa.amsl.com (Postfix) with ESMTP id 9DF4C1AE28F for <cfrg@irtf.org>; Sun, 29 Dec 2013 13:12:49 -0800 (PST)
Received: from [] (50-0-66-41.dsl.dynamic.sonic.net []) (authenticated bits=0) by hoffman.proper.com (8.14.7/8.14.7) with ESMTP id rBTLCDvB054823 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Sun, 29 Dec 2013 14:12:15 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
X-Authentication-Warning: hoffman.proper.com: Host 50-0-66-41.dsl.dynamic.sonic.net [] claimed to be []
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 7.1 \(1827\))
From: Paul Hoffman <paul.hoffman@vpnc.org>
In-Reply-To: <52C07436.2040709@cs.tcd.ie>
Date: Sun, 29 Dec 2013 13:12:16 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <04C32948-02A2-44F4-B4C1-CF29D4146715@vpnc.org>
References: <CAGZ8ZG2f9QHX40RcB8aajWvEfG0Gh_uewu2Rq7bQGHYNx6cOmw@mail.gmail.com> <52C07436.2040709@cs.tcd.ie>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
X-Mailer: Apple Mail (2.1827)
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: [Cfrg] CFRG and thwarting pervasive montoring
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 29 Dec 2013 21:12:50 -0000

On Dec 29, 2013, at 11:12 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:

> . . .

> I would love to see ongoing detailed work within
> CFRG as to how to counter pervasive monitoring.

Wearing your perpass hat, how can CFRG help? I ask this because I have seen little on the perpass mailing list that indicated that an even minor problem has been lack of crypto, or the use of crypto that is thought to be breakable. What type of crypto research or assessment would help perpass?

Note that deprecating the use of crypto that is widely known to be broken is the purview of IETF WGs, not the CFRG. The relevant WGs (particularly TLS) seem to already be doing that.

--Paul Hoffman