Re: [Eligibility-discuss] On 3797 alternatives

Eric Rescorla <ekr@rtfm.com> Wed, 31 May 2023 17:54 UTC

On Wed, May 31, 2023 at 8:51 AM Salz, Rich <rsalz@akamai.com> wrote:

> > That's right. I'm also assuming that others have access to that
> > information (Robert, the previous chair, people writing software for the
> > datatracker, etc...) I'm not implying anything about the character of those
> > individuals, only saying that a stronger system wouldn't rely so much on us
> > trusting those people ... or chance.
>
> Can you tell me what attacks you see as possible?  I assume that Akamai
> (for example) could tell its employees to not volunteer which is effective
> immediately. If it wanted to get many volunteers, they would either be
> already qualified, or there is a more-than-one-year timeline. This was
> discussed in London, and the consensus was that watching the growth of
> eligible volunteers was good enough.
>
> What am I missing?
>

The attack I have in mind is that you have a pool of (say) 10
nomcom-qualified people. They all volunteer at the beginning and so are
on the list. Then once the rest of the list is set, you run the numbers
and find the optimal set of people to withdraw to get the most favorable
distributional outcome for the selection process.

It should be obvious that this is worthwhile if the randomness is known
in advance: you get to choose between 1024 different nomcoms. I haven't
run the numbers and so am not really sure how many bits of randomness
you need to make this attack ineffective with a pool of attackers of
size N [0].

-Ekr

[0] Note that on average you'll reduce your representation in the pool
by N/2 but that may be worthwhile because there are people you don't
control who nevertheless have known preferences.
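
An added example, not part of the original message: a small model for measuring the exposure described above, where the selection seed is known while withdrawals are still possible. The selection routine is a simplified stand-in modelled loosely on RFC 3797 (SHA-256 is used as the hash); the pool sizes, names, seed and the "favoured" scoring are all constructed assumptions.

```python
import hashlib
from itertools import combinations

def select(pool, seed, k):
    """Pick k members from the sorted pool using a public, deterministic seed.

    Simplified model: hash(counter || seed || counter) mod remaining pool size,
    removing each pick. Not a conforming RFC 3797 implementation.
    """
    remaining = sorted(pool)
    chosen = []
    for i in range(k):
        ctr = i.to_bytes(2, "big")
        digest = hashlib.sha256(ctr + seed + ctr).digest()
        chosen.append(remaining.pop(int.from_bytes(digest, "big") % len(remaining)))
    return chosen

def withdrawal_exposure(others, controlled, favoured, seed, k):
    """Evaluate every withdrawal subset of `controlled` against a known seed."""
    def score(chosen):
        return sum(1 for member in chosen if member in favoured)

    baseline = score(select(others + controlled, seed, k))
    outcomes, best, tried = set(), baseline, 0
    for r in range(len(controlled) + 1):
        for withdrawn in combinations(controlled, r):
            staying = [m for m in controlled if m not in withdrawn]
            chosen = select(others + staying, seed, k)
            outcomes.add(tuple(chosen))
            best = max(best, score(chosen))
            tried += 1
    # tried = 2^N subsets; distinct = how many different committees result
    return {"tried": tried, "distinct": len(outcomes),
            "baseline": baseline, "best": best}

# Constructed sample data: 100 independent volunteers, 10 coordinated ones.
OTHERS = [f"V{i:03d}" for i in range(100)]
CONTROLLED = [f"C{i:02d}" for i in range(10)]
# "Favoured": the coordinated volunteers plus independents with known preferences.
FAVOURED = set(CONTROLLED) | {v for i, v in enumerate(OTHERS) if i % 5 == 0}
SEED = b"constructed-public-seed"

if __name__ == "__main__":
    print(withdrawal_exposure(OTHERS, CONTROLLED, FAVOURED, SEED, k=10))
```

Comparing `best` with `baseline` over many constructed seeds gives an estimate of how much a coordinated group of size N gains when the list is not frozen before the randomness is fixed.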