Re: COVID-19 contacts tracker (Re: a brief pondering)
Keith Moore <moore@network-heretics.com> Wed, 15 April 2020 19:45 UTC
Return-Path: <moore@network-heretics.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8AA343A0897 for <ietf@ietfa.amsl.com>; Wed, 15 Apr 2020 12:45:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ov0R1dYxCiUs for <ietf@ietfa.amsl.com>; Wed, 15 Apr 2020 12:45:49 -0700 (PDT)
Received: from wout4-smtp.messagingengine.com (wout4-smtp.messagingengine.com [64.147.123.20]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 363753A076C for <ietf@ietf.org>; Wed, 15 Apr 2020 12:45:49 -0700 (PDT)
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.west.internal (Postfix) with ESMTP id 552D540B; Wed, 15 Apr 2020 15:45:48 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Wed, 15 Apr 2020 15:45:48 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=K1Im1O pN2zaEH0sGyTZQBOcQnVamtR8d2gTpgCST8e4=; b=ztbjgkT+ZGY5dUimbu1dxM kisiMZNCRbxbajxkHs9HTQQMCWq4rZwkMavivd4W/lwA8LdMbY5ch50f89CMS5o3 SYgJyVMGplRiJG1SdoHAXyTsyAWNxl3Mwp40pIaJddNaoQ4DwuSAeMapQU89/O85 1PrOxUVTV47pJmweLCugHa3oDgfflaY+gEwcVfd0WbFj+F6NXVxgxQYxDxc2c8uC y26PUz0wMdUpEAsg24qfIRQ9ebTyNxgy+DCvUiSpX52yGp/y+nTHY+IJfTqlDXK1 2P+VdLen72qvP7HEs2jNsJ7XmB4GY7Bui5tisYtaXlu81/xPtMa7JvR3aR+Q76TA ==
X-ME-Sender: <xms:a2SXXiNIaq-y6gtm7BHKGaLKzk5sfd-xuE_l6qPBU_IsRJiaN_7JWQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedrfeefgddufeduucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefuvfhfhffkffgfgggjtgesrgdtre ertdefjeenucfhrhhomhepmfgvihhthhcuofhoohhrvgcuoehmohhorhgvsehnvghtfiho rhhkqdhhvghrvghtihgtshdrtghomheqnecukfhppedutdekrddvvddurddukedtrdduhe enucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmohho rhgvsehnvghtfihorhhkqdhhvghrvghtihgtshdrtghomh
X-ME-Proxy: <xmx:a2SXXlnKgnyI-GJVMlFjQLar_WjhJ-IwCry2mBLSxBvH-hf7N6_z2Q> <xmx:a2SXXha1GPl_sLEnOaX4GteUbUvWaBAZKS5aR28-Tcb-G5smhQ5pWQ> <xmx:a2SXXs3sW5q0m2fLds9PzcDy0yV_JFzJwdTmLIn9dt4MEIj2IQTQEw> <xmx:a2SXXp1qZWoXCoQcrSaTGsGKIZtAAZVZSJPgGg6yB8YRtJ_ti27QQA>
Received: from [192.168.1.97] (108-221-180-15.lightspeed.knvltn.sbcglobal.net [108.221.180.15]) by mail.messagingengine.com (Postfix) with ESMTPA id 2F57B306005C; Wed, 15 Apr 2020 15:45:47 -0400 (EDT)
Subject: Re: COVID-19 contacts tracker (Re: a brief pondering)
To: John Wroclawski <jtw@csail.mit.edu>
Cc: ietf@ietf.org
References: <fd6b7ee2-cdbe-14a1-0087-ce61282b22f6@lear.ch> <29D0DCA7-1D72-428F-A6DD-05511D90C039@cable.comcast.com> <2fa6a8c8-7639-a378-2ff1-3f8697556b66@cisco.com> <24cd67ab-df5a-cc2f-745f-ace19d5325ea@network-heretics.com> <FD9C31D9-7113-40D7-8AB1-E581458DB02F@webweaving.org> <922752c9-7ac6-ff32-35c5-7035e49e22ff@network-heretics.com> <E1AE702B-A44D-4C11-A4D2-176794C1836B@csail.mit.edu>
From: Keith Moore <moore@network-heretics.com>
Message-ID: <949a8a06-c8c4-c40b-0f2d-fc0c6fd2dae5@network-heretics.com>
Date: Wed, 15 Apr 2020 15:45:46 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <E1AE702B-A44D-4C11-A4D2-176794C1836B@csail.mit.edu>
Content-Type: multipart/alternative; boundary="------------84E30B4E0BFC4AE31A4719AC"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/AoP9cFL895sErohz0XaPp7ymdOk>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Apr 2020 19:45:51 -0000
On 4/15/20 3:35 PM, John Wroclawski wrote: >> On Apr 15, 2020, at 2:58 PM, Keith Moore<moore@network-heretics.com> wrote: >> >> To be clear, I don't think this is a problem that can be solved by protocol design. Unless/until we can actually audit both the hardware and software in our mobile devices, we're vulnerable to whatever the big companies put in those devices, and to whatever governments demand of them. > But these are two distinct issues. > > It’s entirely possible to design a protocol that has specific, effective privacy preserving properties, and possibly even some interesting "subversion resistance” properties, and then subvert it. > > It’s also possible to design a protocol that doesn’t have those properties in the first place - at which point I don’t need to subvert it. > > It seems to me that one of these approaches should still seem more attractive than the other one to the privacy-concerned, even if neither is perfect. oh sure. but IMO it's very naive to assume that leaking of information won't take place outside the scope of the protocol. Keith
- Re: a brief pondering Livingood, Jason
- a brief pondering Eliot Lear
- Re: a brief pondering Narelle Clark
- Re: a brief pondering Carsten Bormann
- Re: a brief pondering Michael Tuexen
- Re: a brief pondering Nick Hilliard
- Re: a brief pondering Carsten Bormann
- Re: a brief pondering Spencer Dawkins at IETF
- Re: a brief pondering Michael Tuexen
- Re: a brief pondering Adam Roach
- Re: a brief pondering Adam Roach
- WebRTC (Re: a brief pondering) Harald Alvestrand
- Re: a brief pondering Michael Richardson
- Re: a brief pondering Phillip Hallam-Baker
- Re: a brief pondering Narelle Clark
- Re: a brief pondering Toerless Eckert
- Re: a brief pondering Nick Hilliard
- Off-topic: making WebRTC work in practice (Re: a … Carsten Bormann
- Re: Off-topic: making WebRTC work in practice (Re… Spencer Dawkins at IETF
- Re: Off-topic: making WebRTC work in practice (Re… Carsten Bormann
- Re: Off-topic: making WebRTC work in practice (Re… Philipp Hancke
- Re: Off-topic: making WebRTC work in practice (Re… Cullen Jennings
- Re: Off-topic: making WebRTC work in practice (Re… Harald Alvestrand
- Re: Off-topic: making WebRTC work in practice (Re… Benjamin Kaduk
- Re: Off-topic: making WebRTC work in practice (Re… Bob Hinden
- Re: Off-topic: making WebRTC work in practice (Re… Harald Alvestrand
- RE: Off-topic: making WebRTC work in practice (Re… Larry Masinter
- Re: Off-topic: making WebRTC work in practice (Re… Keith Moore
- Re: Off-topic: making WebRTC work in practice (Re… Phillip Hallam-Baker
- Re: Off-topic: making WebRTC work in practice (Re… Michael Richardson
- Re: Off-topic: making WebRTC work in practice (Re… Eric Rescorla
- Re: Off-topic: making WebRTC work in practice (Re… Christer Holmberg
- Re: Off-topic: making WebRTC work in practice (Re… Peter Saint-Andre
- Re: Off-topic: making WebRTC work in practice (Re… Nico Williams
- Re: Off-topic: making WebRTC work in practice (Re… Cullen Jennings
- Re: Off-topic: making WebRTC work in practice (Re… Mary B
- Re: Off-topic: making WebRTC work in practice (Re… Harald Alvestrand
- Re: Off-topic: making WebRTC work in practice (Re… Christer Holmberg
- Re: Off-topic: making WebRTC work in practice (Re… Harald Alvestrand
- Re: Off-topic: making WebRTC work in practice (Re… Christer Holmberg
- Re: Off-topic: making WebRTC work in practice (Re… Simon Pietro Romano
- Re: Off-topic: making WebRTC work in practice (Re… Toerless Eckert
- Implementation requirement (Re: Off-topic: making… Harald Alvestrand
- COVID-19 contacts tracker (Re: a brief pondering) Benoit Claise
- Re: COVID-19 contacts tracker (Re: a brief ponder… Carsten Bormann
- Re: COVID-19 contacts tracker (Re: a brief ponder… Keith Moore
- Re: COVID-19 contacts tracker (Re: a brief ponder… John Wroclawski
- Re: COVID-19 contacts tracker (Re: a brief ponder… Bob Hinden
- Re: COVID-19 contacts tracker (Re: a brief ponder… Dirk-Willem van Gulik
- Re: COVID-19 contacts tracker (Re: a brief ponder… Keith Moore
- Re: COVID-19 contacts tracker (Re: a brief ponder… Joel M. Halpern
- Re: COVID-19 contacts tracker (Re: a brief ponder… Eric Vyncke (evyncke)
- Re: COVID-19 contacts tracker (Re: a brief ponder… John Wroclawski
- Re: COVID-19 contacts tracker (Re: a brief ponder… Keith Moore
- Re: COVID-19 contacts tracker (Re: a brief ponder… John Wroclawski
- Re: COVID-19 contacts tracker (Re: a brief ponder… Rob Sayre
- Re: COVID-19 contacts tracker (Re: a brief ponder… Fred Baker
- Re: COVID-19 contacts tracker (Re: a brief ponder… Rich Kulawiec
- Re: COVID-19 contacts tracker (Re: a brief ponder… Keith Moore
- Re: COVID-19 contacts tracker (Re: a brief ponder… Vittorio Bertola
- Re: COVID-19 contacts tracker (Re: a brief ponder… Stephane Bortzmeyer
- Re: COVID-19 contacts tracker (Re: a brief ponder… John Wroclawski
- Re: COVID-19 contacts tracker (Re: a brief ponder… Christian Huitema
- Re: COVID-19 contacts tracker (Re: a brief ponder… Jeff Tantsura
- Re: COVID-19 contacts tracker (Re: a brief ponder… Robert Raszuk
- Re: COVID-19 contacts tracker (Re: a brief ponder… Rob Sayre
- Re: COVID-19 contacts tracker (Re: a brief ponder… Phillip Hallam-Baker
- Re: COVID-19 contacts tracker (Re: a brief ponder… Harish Pillay
- RE: COVID-19 contacts tracker (Re: a brief ponder… Andrew Campling
- Re: COVID-19 contacts tracker (Re: a brief ponder… Christian
- Re: COVID-19 contacts tracker (Re: a brief ponder… Rich Kulawiec
- Re: COVID-19 contacts tracker (Re: a brief ponder… Stephane Bortzmeyer
- Re: COVID-19 contacts tracker (Re: a brief ponder… Christian
- Re: WebRTC (Re: a brief pondering) Cullen Jennings