[E2ee] Fwd: Thoughts on draft-knodel-e2ee-definition
Mallory Knodel <mknodel@cdt.org> Tue, 19 October 2021 15:35 UTC
Return-Path: <mknodel@cdt.org>
X-Original-To: e2ee@ietfa.amsl.com
Delivered-To: e2ee@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 136BC3A0BDF for <e2ee@ietfa.amsl.com>; Tue, 19 Oct 2021 08:35:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cdt.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aeYKv3T5EGXE for <e2ee@ietfa.amsl.com>; Tue, 19 Oct 2021 08:35:18 -0700 (PDT)
Received: from mail-qt1-x834.google.com (mail-qt1-x834.google.com [IPv6:2607:f8b0:4864:20::834]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6268D3A0BDB for <e2ee@ietf.org>; Tue, 19 Oct 2021 08:35:15 -0700 (PDT)
Received: by mail-qt1-x834.google.com with SMTP id b12so323379qtq.3 for <e2ee@ietf.org>; Tue, 19 Oct 2021 08:35:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cdt.org; s=google; h=message-id:date:mime-version:user-agent:subject:content-language :references:to:from:in-reply-to; bh=HEH1+pU6MyW5CUJuMlaWZu4oHg1P9eYKQsLn+o2XHBg=; b=VdoBDdKnLnE5g6MT2dRjXB+5pHvwgn1zycjwN/a0L3u3JWFOZnfgnUsec0TbNE6/G+ 1jl+guWOEShwmFqLGXmJZrRkkw6RLsNKJkPmYIPKdQOGEU+F1MbazXZz/qYG903sMLb6 1DmKoBpaamc+zmG+qMex18wU26iudxqcBqRKM=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:references:to:from:in-reply-to; bh=HEH1+pU6MyW5CUJuMlaWZu4oHg1P9eYKQsLn+o2XHBg=; b=P2QqEVsbgyRqKNBgXdW9KzwBIXkIndUr/fpe+vuHqKcOO2yfxwB5+BUSDRgwyoSk2h BuoJB5J8M0ZC9jZZkI9Q2BpjfbKKvofKZyj3ams5NMxu8k/NUi/FObqOXn+Ilpc+aEYI hpyprAjVNtQdcUda6Jias/XN0sGXPtSELldSyeoEm1aAL58vmWBEQRxJaD7LsEFSquWU ffwE8kIyTM50pvNvdrCX/o/IzkULCCcmEpWJOLBPkwxdw8XA9Dd/tV7gVsZhyw7wgs+7 +cBqLAjr3CdB2tZ4vbNqB/9EdpVpaRk2KmeW/sjiOKx1yKlBNadShJSz0fBsi9MD+fwU MfWQ==
X-Gm-Message-State: AOAM533hMeHZJ4ZHSF0cs7imFSevVYiWb+y+EIrA+190aKY2ZdaUMpB8 +VIxW3KKOTzYUF0uMwfbntSy/XutZYRCrNZO
X-Google-Smtp-Source: ABdhPJzXgTIyHXOrxGkC7qWRGb0MPyO7TK1NbXlcEOiyCPjnPGeslr9uxhQ1IJJYpLdnfRPH6rCQ7A==
X-Received: by 2002:a05:622a:1aa5:: with SMTP id s37mr717757qtc.410.1634657713767; Tue, 19 Oct 2021 08:35:13 -0700 (PDT)
Received: from [10.0.3.86] ([50.239.129.122]) by smtp.gmail.com with ESMTPSA id x15sm1729942qkp.113.2021.10.19.08.35.12 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 19 Oct 2021 08:35:13 -0700 (PDT)
Content-Type: multipart/alternative; boundary="------------i4cpDBQb000NDlw3QZ40WRYk"
Message-ID: <82e7cf51-e53c-f01f-ffc3-db4d8197032a@cdt.org>
Date: Tue, 19 Oct 2021 11:35:12 -0400
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:94.0) Gecko/20100101 Thunderbird/94.0
Content-Language: en-US
References: <0311a1ff-8ff9-d50f-db51-b6a4ca5e521c@cdt.org>
To: e2ee@ietf.org, Adrian Farrel <adrian@olddog.co.uk>
From: Mallory Knodel <mknodel@cdt.org>
In-Reply-To: <0311a1ff-8ff9-d50f-db51-b6a4ca5e521c@cdt.org>
X-Forwarded-Message-Id: <0311a1ff-8ff9-d50f-db51-b6a4ca5e521c@cdt.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/e2ee/O-_MYjsorf3fLqI7ZibrnwMgBz8>
Subject: [E2ee] Fwd: Thoughts on draft-knodel-e2ee-definition
X-BeenThere: e2ee@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of the definition of end-to-end encryption." <e2ee.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/e2ee>, <mailto:e2ee-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/e2ee/>
List-Post: <mailto:e2ee@ietf.org>
List-Help: <mailto:e2ee-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/e2ee>, <mailto:e2ee-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Oct 2021 15:35:23 -0000
Hi all, For the purposes of documenting progress on this draft, I'm forwarding this exchange to the list. Please feel free to comment, -Mallory -------- Forwarded Message -------- Subject: Re: Thoughts on draft-knodel-e2ee-definition Date: Fri, 7 May 2021 10:35:55 -0400 From: Mallory Knodel <mknodel@cdt.org> To: adrian@olddog.co.uk, draft-knodel-e2ee-definition@ietf.org Hi Adrian, Thanks very much for this early review! And apologies for taking so long to respond. More: On 2/23/21 5:46 AM, Adrian Farrel wrote: > Hi, > > My immediate thought when I saw your Abstract was, "What is an end?" > > So, congratulations on the valiant attempt in 2.1. However :-) > > I think you need to recognise two things... > > 1. A user is generally assumed to be a human being. You say, "It is now > widely accepted that the communication system itself begins and ends with > the user [RFC8890]. We imagine people (through an application's user > interface) as components in a subsystem's design." And that makes me think > that e2ee means user-to-user encryption, but (subtly) that is not what you > mean because you do not expect the user to type encrypted emails. I think > the thing that might help tease this out is to mention "communication > subsystems". That is, the data that is passed by the combination of > the user > and their applications to the communication subsystem should already be > encrypted. > > That said, I am not sure where something like IPsec sits in that model. > IPsec is part of the communication subsystem, but can clearly sit on the > user's device. Are you saying that IPsec is not a tool for e2ee? We pulled out a new section on end point, though it's hard to do without toggling back and forth between the relationship with the other end point, eg the e2e principle! I focus here on why we need to understand user expectations, a later section already. So thanks for contributing to the thinking around that. But I also put in your point about IPSec-- do we want to make sure our definition carries water for e2ee supporting protocols? IPSEc might also be solved by worrying about tunnels or no tunnels... > 2. You are, I think, missing the concept of tunnels. Tunnels have ends. > Tunnels are used to carry trusted traffic over untrusted environments. > Tunnels have "users" that are normally processes. Encryption on tunnels is > hugely important to how the Internet works. Now, that may not be what you > want to talk about in your document, and that's OK, but the feel > (partly by > you talking about end-to-end, and partly by the long preamble about BGP in > 2.1) is that it is in scope. Wondering if Fred or Olaf could jump in? I think I would say tunnels are indeed out of scope because it's transport encryption, but you're right that we talk about BGP. It's only in an attempt to elucidate the end point and e2e principle. Thoughts from my co-authors on squaring this circle? > > As an aside, I find section 4 to be mistitled. I think "desire" would be a > better word than "expectation". Unless you phrase this as "users have a > right to these expectation". Indeed, if a user truly expected things like > the provider being trustworthy, they would be far less inclined to use > e2ee: > it is the absence of guarantee of meeting any of these expectations that > drives the necessity of e2ee. Again-- it's now much more obvious why we need this section. I think we have to keep it somewhat rigorous, where desire is not as such more than expectation, and also it's increasingly an industry term in, say, the W3C. We're putting out a -01 in MLS, so please we welcome reviews there! Or here: https://github.com/mallory/e2ee/blob/main/draft-e2ee.md -Mallory > Anyway, just thinking. > > Adrian > > -- Mallory Knodel CTO, Center for Democracy and Technology gpg fingerprint :: E3EB 63E0 65A3 B240 BCD9 B071 0C32 A271 BD3C C780
- [E2ee] Fwd: Thoughts on draft-knodel-e2ee-definit… Mallory Knodel
- Re: [E2ee] Thoughts on draft-knodel-e2ee-definiti… Olaf Kolkman
- Re: [E2ee] Thoughts on draft-knodel-e2ee-definiti… Olaf Kolkman