Re: Ten years after Snowden (2013 - 2023), is IETF keeping its promises?
Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp> Wed, 04 January 2023 10:43 UTC
Return-Path: <mohta@necom830.hpcl.titech.ac.jp>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 63AD7C152594 for <ietf@ietfa.amsl.com>; Wed, 4 Jan 2023 02:43:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cSj8vP4PvMOV for <ietf@ietfa.amsl.com>; Wed, 4 Jan 2023 02:43:04 -0800 (PST)
Received: from necom830.hpcl.titech.ac.jp (necom830.hpcl.titech.ac.jp [131.112.32.132]) by ietfa.amsl.com (Postfix) with SMTP id 3D073C152593 for <ietf@ietf.org>; Wed, 4 Jan 2023 02:43:02 -0800 (PST)
Received: (qmail 90741 invoked from network); 4 Jan 2023 10:33:51 -0000
Received: from necom830.hpcl.titech.ac.jp (HELO ?127.0.0.1?) (131.112.32.132) by necom830.hpcl.titech.ac.jp with SMTP; 4 Jan 2023 10:33:51 -0000
Message-ID: <6e061049-91df-aabc-5720-bb897c4663ea@necom830.hpcl.titech.ac.jp>
Date: Wed, 04 Jan 2023 19:42:58 +0900
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.6.1
Subject: Re: Ten years after Snowden (2013 - 2023), is IETF keeping its promises?
To: ietf@ietf.org
References: <HE1PR0701MB305098F652DBC34E3C40810B89F49@HE1PR0701MB3050.eurprd07.prod.outlook.com>
Content-Language: en-US
From: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
In-Reply-To: <HE1PR0701MB305098F652DBC34E3C40810B89F49@HE1PR0701MB3050.eurprd07.prod.outlook.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/I2cLD61rhhRtPrCP1ECV0P-srqE>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IETF-Discussion. This is the most general IETF mailing list, intended for discussion of technical, procedural, operational, and other topics for which no dedicated mailing lists exist." <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jan 2023 10:43:05 -0000
John Mattsson wrote: > Assuming breach like key > compromise is an essential zero trust principle. A problem is that even 12 years after Diginotar, many people still believe in PKI which blindly trusts intermediate CAs of demonstrated-to-be-untrustworthy trusted third parties. People working for PKI industry can not accept a fact that PKI is not secure end to end. The reality is that, zero trust security must rely on shared secret shared directly between ends, which is the end to end security. > 3GPP is working hard to mitigate its PSK vulnerabilities with > ECIES and ECDHE? I can see no point to rely on EC. which is a lot lot lot less analyzed than linear N. > - IP layer: While the transport layer and application layer has seen > significant improvements such as QUIC and HTTP/3 and the link layer > has seen improvements with MAC randomization, not much has happened > at the Internet layer. IP addresses are still not only long-lived > trackable identifiers, but they also reveal your location. Wrong. IP mobility without triangle elimination hides your true IP address at least for a short period. Mobility triangle is necessary cost to hide your location. You may even use, like onion routers, layered IP mobility. A possible improvement by IETF is to encrypt mobility messages. Masataka Ohta
- Ten years after Snowden (2013 - 2023), is IETF ke… John Mattsson
- Re: Ten years after Snowden (2013 - 2023), is IET… Lloyd W
- Re: Ten years after Snowden (2013 - 2023), is IET… Brian E Carpenter
- Re: Ten years after Snowden (2013 - 2023), is IET… Phillip Hallam-Baker
- Re: Ten years after Snowden (2013 - 2023), is IET… Christian Huitema
- Re: [saag] Ten years after Snowden (2013 - 2023),… Dino Farinacci
- Re: Ten years after Snowden (2013 - 2023), is IET… Dave Taht
- Re: [hrpc] Ten years after Snowden (2013 - 2023),… Adrian Gropper
- Re: [saag] Ten years after Snowden (2013 - 2023),… Stewart Bryant
- RE: [saag] Ten years after Snowden (2013 - 2023),… Antoine FRESSANCOURT
- Re: [saag] Ten years after Snowden (2013 - 2023),… Lloyd W
- Re: Ten years after Snowden (2013 - 2023), is IET… Masataka Ohta
- Re: [saag] Ten years after Snowden (2013 - 2023),… George Michaelson
- Re: [hrpc] Ten years after Snowden (2013 - 2023),… Niels ten Oever
- Re: Ten years after Snowden (2013 - 2023), is IET… Vittorio Bertola
- Re: Ten years after Snowden (2013 - 2023), is IET… Dave Taht
- Re: [saag] Ten years after Snowden (2013 - 2023),… Phillip Hallam-Baker
- Re: [hrpc] Ten years after Snowden (2013 - 2023),… Paul Wouters
- Re: Ten years after Snowden (2013 - 2023), is IET… Viktor Dukhovni
- Re: [saag] Ten years after Snowden (2013 - 2023),… Eric Rescorla
- Re: [saag] Ten years after Snowden (2013 - 2023),… Dino Farinacci
- Re: [saag] Ten years after Snowden (2013 - 2023),… Dino Farinacci
- Re: [saag] Ten years after Snowden (2013 - 2023),… Dino Farinacci
- Re: [saag] Ten years after Snowden (2013 - 2023),… Brian E Carpenter
- Re: [saag] Ten years after Snowden (2013 - 2023),… Phillip Hallam-Baker
- Re: [saag] Ten years after Snowden (2013 - 2023),… Tony Rutkowski
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Vittorio Bertola
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Ted Hardie
- Re: [Pearg] [saag] Ten years after Snowden (2013 … John Mattsson
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Tony Rutkowski
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Brad Chen
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Kyle Rose
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Eric Rescorla
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Brad Chen
- RE: [Pearg] [saag] Ten years after Snowden (2013 … Antoine FRESSANCOURT
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Tony Rutkowski
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Alan DeKok
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Tony Rutkowski
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Phillip Hallam-Baker
- Re: [EXT] Re: [Pearg] [saag] Ten years after Snow… Vittorio Bertola
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Alan DeKok
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Dave Taht
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Tony Rutkowski
- Re: [hrpc] Ten years after Snowden (2013 - 2023),… Stephen Farrell
- Re: [saag] Ten years after Snowden (2013 - 2023),… Dino Farinacci
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Deen, Glenn (NBCUniversal)
- Re: [hrpc] [saag] [Pearg] Ten years after Snowden… bzs
- Re: [saag] Ten years after Snowden (2013 - 2023),… Phillip Hallam-Baker
- Re: [saag] Ten years after Snowden (2013 - 2023),… Dino Farinacci
- Re: [hrpc] [saag] [Pearg] Ten years after Snowden… Laurence Lundblade
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Mark Nottingham
- Re: [hrpc] Ten years after Snowden (2013 - 2023),… Abdussalam Baryun
- Re: [hrpc] [saag] [Pearg] Ten years after Snowden… Abdussalam Baryun
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Brad Chen
- Re: [hrpc] [saag] [Pearg] Ten years after Snowden… Laurence Lundblade
- Re: [saag] Ten years after Snowden (2013 - 2023),… Stewart Bryant
- Re: [saag] Ten years after Snowden (2013 - 2023),… Stewart Bryant
- Re: [saag] Ten years after Snowden (2013 - 2023),… Stewart Bryant
- Re: [saag] Ten years after Snowden (2013 - 2023),… Brian E Carpenter
- Re: [saag] Ten years after Snowden (2013 - 2023),… Kyle Rose
- Re: [saag] Ten years after Snowden (2013 - 2023),… Phillip Hallam-Baker
- Re: [saag] Ten years after Snowden (2013 - 2023),… Phillip Hallam-Baker
- Re: [hrpc] [Pearg] [saag] Ten years after Snowden… Adrian Gropper
- Re: [saag] Ten years after Snowden (2013 - 2023),… Dino Farinacci
- Re: [saag] [hrpc] [Pearg] Ten years after Snowden… Tony Rutkowski
- times square 15 sec delay new years Dave Taht
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Vittorio Bertola
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Alec Muffett
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Tony Rutkowski
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Alec Muffett
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Mark Nottingham
- Re: [hrpc] [Pearg] [saag] Ten years after Snowden… Vittorio Bertola
- Re: [hrpc] [Pearg] [saag] Ten years after Snowden… Ted Lemon
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Phillip Hallam-Baker
- Re: [hrpc] [Pearg] [saag] Ten years after Snowden… Phillip Hallam-Baker
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Tony Rutkowski
- Re: [Pearg] times square 15 sec delay new years Jens Finkhaeuser
- Re: [Pearg] times square 15 sec delay new years Jens Finkhaeuser
- Re: [saag] Ten years after Snowden (2013 - 2023),… Kyle Rose
- Re: [Pearg] times square 15 sec delay new years Lloyd W
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Phillip Hallam-Baker
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Tony Rutkowski
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Lloyd W
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Phillip Hallam-Baker
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Keith Moore
- Re: [saag] [hrpc] [Pearg] Ten years after Snowden… Masataka Ohta
- Re: Re: [saag] [hrpc] [Pearg] Ten years after Sno… wanzerbusi
- Re: [saag] Ten years after Snowden (2013 - 2023),… Masataka Ohta
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Fernando Gont
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Luigi Iannone