Re: [dispatch] [Secdispatch] A protocol for anonymity

Martin <martin@gwerder.net> Tue, 12 March 2019 06:18 UTC

Return-Path: <martin@gwerder.net>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 02DE2130EF9; Mon, 11 Mar 2019 23:18:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SiqlLinFam2V; Mon, 11 Mar 2019 23:18:56 -0700 (PDT)
Received: from horus.gwerder.net (horus.gwerder.net [5.9.56.41]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1B961130E64; Mon, 11 Mar 2019 23:18:55 -0700 (PDT)
Received: from localhost (localhost.localdomain [127.0.0.1]) by horus.gwerder.net (Postfix) with ESMTP id ECD0AE2AC93; Tue, 12 Mar 2019 07:18:52 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at horus.gwerder.net
Received: from horus.gwerder.net ([127.0.0.1]) by localhost (horus.gwerder.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bmLtote-Bb0h; Tue, 12 Mar 2019 07:18:52 +0100 (CET)
Received: from [192.168.244.105] (145.180.195.178.dynamic.wline.res.cust.swisscom.ch [178.195.180.145]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: mgwerder) by horus.gwerder.net (Postfix) with ESMTPSA id 309D5E2AC96; Tue, 12 Mar 2019 07:18:52 +0100 (CET)
To: "Salz, Rich" <rsalz@akamai.com>, "rfc-ise@rfc-editor.org" <rfc-ise@rfc-editor.org>, "secdispatch@ietf.org" <secdispatch@ietf.org>, "dispatch@ietf.org" <dispatch@ietf.org>
Cc: "sec-ads@ietf.org" <sec-ads@ietf.org>, "art-ads@ietf.org" <art-ads@ietf.org>, "draft-gwerder-messagevortexmain@ietf.org" <draft-gwerder-messagevortexmain@ietf.org>
References: <1d369e948382f1431f6e67abce4ca0c8.squirrel@www.amsl.com> <F7BDADFC-FBEF-4049-945B-BD865AB58229@akamai.com> <336679b2-abd1-6372-050e-974530088821@gwerder.net> <26313F4A-06FF-4155-B646-09C96F370894@akamai.com>
From: Martin <martin@gwerder.net>
Message-ID: <6dd6ed2c-b2a6-f42f-9edc-25c9607bf173@gwerder.net>
Date: Tue, 12 Mar 2019 07:18:51 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.3
MIME-Version: 1.0
In-Reply-To: <26313F4A-06FF-4155-B646-09C96F370894@akamai.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/PlNlhQYf6Enl-9sKP4aY61rCRpc>
Subject: Re: [dispatch] [Secdispatch] A protocol for anonymity
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Mar 2019 06:18:58 -0000

Hi Rich

This is a valid point. Requested status is experimental. This allows
going for a standard later. So the primary goal is to become a standard
on the long term and to expose the protocol to a broader public. In my
eyes, for the standard, it would require that we have two seconding
documents — one dealing with best current practices and one focusing
security considerations (maybe both in one document). The main problem
with those two documents is not the protocol itself. As SMTP or HTTP in
its pure form, this is a transport protocol only. It does not deal with
the client side or the content itself.

Anonymity is broken easily by the users themselves. As an example, you
may take the fact that almost no user is ready to write emails in plain
text. They want to embed graphics and emoticons. Allowing HTML encoding
on the other side makes the protocol vulnerable to bugging attacks. At
the moment I am using Thunderbird as the client and the MessageVortex
node as "local mail server." While this makes sense from the user
perspective (no new client), it is maybe not the wisest decision from an
anonymity perspective. This, however, is not a problem of the protocol.
MessageVortex allows transferring any message and is not limited to
emails. These possibilities should be further explored.

At least for my person, this protocol opens a whole new world full of
possibilities. So I am very keen to see what it can do.

Regards
Martin


Am 11.03.2019 um 15:31 schrieb Salz, Rich:
> I would turn this around: why does this have to be an RFC?
>