Re: Is traffic analysis really a target (was Re: [saag] Is opportunistic unauthenticated encryption a waste of time?)
Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 26 August 2014 00:09 UTC
Message-ID: <53FBD051.4010508@gmail.com>
Date: Tue, 26 Aug 2014 12:09:53 +1200
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
To: Ted Hardie <ted.ietf@gmail.com>
Subject: Re: Is traffic analysis really a target (was Re: [saag] Is opportunistic unauthenticated encryption a waste of time?)
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/ESIMj1glMzcVScwo87DHE07DVTQ
Cc: "saag@ietf.org" <saag@ietf.org>, Eric Burger <eburger@standardstrack.com>, "ietf@ietf.org" <ietf@ietf.org>
On 25/08/2014 19:19, Ted Hardie wrote:
> On Sun, Aug 24, 2014 at 1:01 PM, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>
>> RFC3205 (BCP56) said some of it a bit earlier, and was ignored. I'd say that
>> RFC3639 was ignored too. For a practical lesson on the same topic, I suggest
>> a critical study of all the RTCWEB drafts and of draft-ietf-dart-dscp-rtp.
>> I think they show the depth of the hole we are in.
>>
>> Brian
>>
>
> Just so I don't rudely put words in your mouth, I'd appreciate your
> unpacking what practical lesson you anticipate learning there.

Actually I think my brain was a bit fuzzy when I wrote that, but the point is that when we start bundling up things that don't naturally belong together, because we are trying to defeat middleboxes that perform DPI (for traffic analysis or any other reason) and/or IP header munging, we end up with artificial complexity that is unlikely to result in reliable, efficient communication.

An old story, I know. Since before RFC 2775 at least.

Brian