Re: Mallory-in-the-middle attacks (Re: SV: Diversity and offensive terminology in RFCs)
Mallory Knodel <mallory@article19.org> Sat, 22 September 2018 07:21 UTC
Return-Path: <mallory@article19.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A092B130DFF for <ietf@ietfa.amsl.com>; Sat, 22 Sep 2018 00:21:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8sZXg0LYhRSW for <ietf@ietfa.amsl.com>; Sat, 22 Sep 2018 00:21:12 -0700 (PDT)
Received: from smarthost1.greenhost.nl (smarthost1.greenhost.nl [195.190.28.92]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 75C95130DF2 for <ietf@ietf.org>; Sat, 22 Sep 2018 00:21:12 -0700 (PDT)
Received: from smtp.greenhost.nl ([213.108.110.112]) by smarthost1.greenhost.nl with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <mallory@article19.org>) id 1g3cDx-0007vP-5a for ietf@ietf.org; Sat, 22 Sep 2018 09:21:10 +0200
Subject: Re: Mallory-in-the-middle attacks (Re: SV: Diversity and offensive terminology in RFCs)
To: ietf@ietf.org
References: <cafa1282-ae6a-93de-ea4a-d100af28d8b8@digitaldissidents.org> <CAKHUCzxL8xgn2D2W9G=Qk=AXzyw4mmcqPii6GKBSiByRyxbq+Q@mail.gmail.com> <c755471a7f744fdd958759c6c5001147@exchange02.office.nic.se> <20180921191828.GB2164@localhost> <20180921211352.GD2164@localhost>
From: Mallory Knodel <mallory@article19.org>
Openpgp: preference=signencrypt
Autocrypt: addr=mallory@article19.org; prefer-encrypt=mutual; keydata= xsBNBEx0TWcBCAC8sirY3nlDnRwY6XWmsvZtM9kmEK6H8no3ZuQ723PKwHOddw1nOykh0in/ /QGRmwtyVzsfLh6/94UUZTn10oo+xGAfw2gf1on5IJTIiphykk732PNnUakVGWwHNKQquTVc kLrydUaFVMb89BAXqExBKlMg2ciEjzbYMCs3I/qZAZ0Wr5nF3RQS8O78elTNAgWTZ98yKTZV DlRoDpnvbfwtIPqnISoSjDEvEUBdpykvS3jHqlR1f6Mx6Xs97S5CORaer/0qTcDm0PAb1Z9l IhMsFl05tNt2FpgS4/RN8NyLasAQNOlScpTJbAfRuyyvRm1N8GLIL1KX+YYeLyqzhdhZABEB AAHNJU1hbGxvcnkgS25vZGVsIDxtYWxsb3J5QG1heWZpcnN0Lm9yZz7CwJgEEwECAEICGwMG CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAhkBFiEE4+tj4GWjskC82bBxDDKicb08x4AFAlqo 9WUFCRAV234ACgkQDDKicb08x4DklAf+ODKRmP6C2MnBz6vL8N8l3vZJUqoRcYXTn3uTpT05 Wou87ZIZ/P/OV2/uOMKkczLQQydj5S8PxbLTeg+U5f/63hdy99ON+K2b4izg7Qasdl1SqXTH q1pmhbrcbLbVKDJ345fdEg7RuMnv4gd3EaT/yQa99zHy8JHaBKaPEUQAa65HTt2Sy2c6L6BA aMZx1TOZ9/cZ7L1gJyytJbEyvg/JLOatJEI4rewUWU2TMSGJijwjAUBagwDPWyxpz+vXdKsD tqRTpY4xvXaeUQo0QXf0c5j1Gcglzv7ywZcyz1MGD1aLS9/CqeB3I4EMbvH/33LS3jNkfKbV XOTSjmo7l22CNc7ATQRMdE1nAQgA4mpP2LjFuAW2li9FPbDYOMzt0MtThXsnvHyY0fDv8FlU qnKgPrMY80VHntnxwqepFS3ncunVX4ipq+fadta+LHpTnbJSmlphBrc9qGJxqcjwf4yo35Xh OXCJFwnaoAwIX237lXRe4Xh6X4VMuJt8jiZdvgpbk/whvQH2grcq8KjCcy1iuL5pBl8ZwYG/ dphitFhQdqEcnc/krIqG4KQgKiUi3K/GR0OeEmw/cscWD7/CLEo7eHiaGQhSOyDQbM+Iu2o/ 6uMXMUPsYlMMqgmVL68zMacO3PE17jx0rQ8oZ7CpBY8YZWOWrzXrtFT8JO9guuCPsvd4KT6y 97y9LRJlPQARAQABwsB8BBgBAgAmAhsMFiEE4+tj4GWjskC82bBxDDKicb08x4AFAlqo9WYF CRAV238ACgkQDDKicb08x4DU4QgAmlyBlFhfU0jpkbyD3HQ+3CJqWdBT422pVIrj3qNT2ehy fWO66Muidmd4Y279uV3p3TQEJOQvnV7FVAC9+bI7AdBy00BAjHgJ5eSQZxKTXUoeeBAsTZHN /HaHewjYWHMvCuuzir/Wt3A6Cehh8gp9I/Vg+oL3dTldVqqgZLgnA83bT/R8fI/e85LDlpdx KJ0+uy/grg3AbH7LUUrmMIC2iO8mQWYuNlizsUZLFvJhCAU2c5l8B5mv2BoWFhL+l7mmNcdF bwBFXon7Ea1jkCnbWVxtXkPYkcuWuMSTJswn9HhZVJWjUonKqUZKAb9PxRzC9crZ+X14tQT3 iJt2a4ZM4w==
Message-ID: <0bd5adbf-a5c6-fc69-7b0b-f0131b5b05ba@article19.org>
Date: Sat, 22 Sep 2018 10:20:57 +0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.0
MIME-Version: 1.0
In-Reply-To: <20180921211352.GD2164@localhost>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
X-Virus-Scanned: by clamav at smarthost1.samage.net
X-Scan-Signature: 8b3222cd26cce149ddb9ffa05c4da76e
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/a5hFZaaniSol4yN3ISITo622mOU>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 22 Sep 2018 07:21:15 -0000
On 22/09/2018 00:13, Nico Williams wrote: > On Fri, Sep 21, 2018 at 02:18:29PM -0500, Nico Williams wrote: >> On Thu, Sep 20, 2018 at 12:09:06PM +0000, Anne-Marie Eklund-Löwinder wrote: >>> Some time ago we had a standardisation committee in Sweden, running a >>> project defining the terminology in Swedish for the information >>> security area. They came up with Janus-attack rather than man in the >>> middle-attack (the latter sounds weird in Swedish). >> >> But it's always *Mallory* who gets in the middle, so I'd call it a >> Mallory-in-the-middle attack, which has the very nice property of >> abbreviating to MITM, thus minimizing the change to that term of art. > > As it happens, one of the HRPC co-chairs is named Mallory (Knodel). > Just to clarify I was not referring to Mallory Knodel but to the > fictional character Mallory of Alice-and-Bob fame, you know, the > characters we use in expositions of cryptographic protocols and their > analyses, the full cast of which you can see in the following page: > > https://en.wikipedia.org/wiki/Alice_and_Bob > > Any resemblance to real persons must have been an accident, and anyways, > not mine. I hope we don't have to rename these fictional characters. I agree with Mallory-in-the-middle if only because I have fun working in tech with this name. But it doesn't solve the gender problem so much. Others have mentioned machine-in-the-middle, which has always made the most sense. -Mallory -- Mallory Knodel Head of Digital :: article19.org gpg fingerprint :: E3EB 63E0 65A3 B240 BCD9 B071 0C32 A271 BD3C C780
- Diversity and offensive terminology in RFCs Niels ten Oever
- Re: Diversity and offensive terminology in RFCs Riccardo Bernardini
- Re: Diversity and offensive terminology in RFCs Stewart Bryant
- Re: Diversity and offensive terminology in RFCs Petr Špaček
- Re: Diversity and offensive terminology in RFCs Niels ten Oever
- Re: Diversity and offensive terminology in RFCs Dave Cridland
- Re: Diversity and offensive terminology in RFCs Loa Andersson
- Re: Diversity and offensive terminology in RFCs Mukund Sivaraman
- SV: Diversity and offensive terminology in RFCs Anne-Marie Eklund-Löwinder
- RE: Diversity and offensive terminology in RFCs Roberta Maglione (robmgl)
- Re: Diversity and offensive terminology in RFCs Ole Troan
- Re: Diversity and offensive terminology in RFCs Michal Krsek
- Re: Diversity and offensive terminology in RFCs Tony Finch
- Re: Diversity and offensive terminology in RFCs Job Snijders
- Re: Diversity and offensive terminology in RFCs Anton Ivanov
- Re: Diversity and offensive terminology in RFCs Anton Ivanov
- RE: Diversity and offensive terminology in RFCs Adrian Farrel
- Re: SV: Diversity and offensive terminology in RF… Jaap Akkerhuis
- Re: Diversity and offensive terminology in RFCs Toerless Eckert
- Re: Diversity and offensive terminology in RFCs Andrew Sullivan
- Re: Diversity and offensive terminology in RFCs Kathleen Moriarty
- Re: Diversity and offensive terminology in RFCs lloyd.wood
- Re: Diversity and offensive terminology in RFCs Carsten Bormann
- Re: SV: Diversity and offensive terminology in RF… lloyd.wood
- Re: Diversity and offensive terminology in RFCs Paul Wouters
- Re: Diversity and offensive terminology in RFCs Paul Wouters
- Re: Diversity and offensive terminology in RFCs lloyd.wood
- Re: Diversity and offensive terminology in RFCs Toerless Eckert
- Re: Diversity and offensive terminology in RFCs Stephan Wenger
- Re: Diversity and offensive terminology in RFCs Mark Nottingham
- Re: Diversity and offensive terminology in RFCs Stephen Farrell
- RE: Diversity and offensive terminology in RFCs John E Drake
- Re: Diversity and offensive terminology in RFCs Melinda Shore
- Re: Diversity and offensive terminology in RFCs Dick Franks
- Re: Diversity and offensive terminology in RFCs ned+ietf
- Re: Diversity and offensive terminology in RFCs Toerless Eckert
- Re: Diversity and offensive terminology in RFCs Melinda Shore
- Re: Diversity and offensive terminology in RFCs Melinda Shore
- Re: Diversity and offensive terminology in RFCs Paul Hoffman
- Re: SV: Diversity and offensive terminology in RF… Evan Hunt
- Re: Diversity and offensive terminology in RFCs Toerless Eckert
- ""Man-in-the-middle""? <was, Re: SV: Diversity an… Charlie Perkins
- Re: Diversity and offensive terminology in RFCs Evan Hunt
- Re: Diversity and offensive terminology in RFCs Melinda Shore
- Re: Diversity and offensive terminology in RFCs Evan Hunt
- Re: SV: Diversity and offensive terminology in RF… Michael StJohns
- Re: ""Man-in-the-middle""? <was, Re: SV: Diversit… Dave Aronson
- Re: SV: Diversity and offensive terminology in RF… Heather Flanagan
- Re: Diversity and offensive terminology in RFCs Mark Nottingham
- Re: Diversity and offensive terminology in RFCs Heather Flanagan
- Re: Diversity and offensive terminology in RFCs Evan Hunt
- Re: Diversity and offensive terminology in RFCs Carsten Bormann
- Re: Diversity and offensive terminology in RFCs Ted Lemon
- Re: Diversity and offensive terminology in RFCs Toerless Eckert
- Re: Diversity and offensive terminology in RFCs Evan Hunt
- Re: Diversity and offensive terminology in RFCs Carsten Bormann
- Re: Diversity and offensive terminology in RFCs John C Klensin
- Re: Diversity and offensive terminology in RFCs Carsten Bormann
- Re: Diversity and offensive terminology in RFCs Toerless Eckert
- Re: SV: Diversity and offensive terminology in RF… Anton Ivanov
- Re: Diversity and offensive terminology in RFCs Yoav Nir
- Re: Diversity and offensive terminology in RFCs Kyle Rose
- Re: Diversity and offensive terminology in RFCs Brian E Carpenter
- Re: Diversity and offensive terminology in RFCs Carsten Bormann
- Re: Diversity and offensive terminology in RFCs Dave Cridland
- Re: Diversity and offensive terminology in RFCs Ted Lemon
- Re: why exactly is HRPC for, was Diversity and of… John Levine
- Re: Diversity and offensive terminology in RFCs Toerless Eckert
- Re: Diversity and offensive terminology in RFCs Ted Lemon
- Re: Diversity and offensive terminology in RFCs Brian E Carpenter
- Re: Diversity and offensive terminology in RFCs Mark Rousell
- Re: why exactly is HRPC for, was Diversity and of… Mark Rousell
- Re: why exactly is HRPC for, was Diversity and of… Melinda Shore
- Re: Diversity and offensive terminology in RFCs Alia Atlas
- Re: why exactly is HRPC for, was Diversity and of… Allison Mankin
- Re: Diversity and offensive terminology in RFCs Mark Rousell
- Re: Diversity and offensive terminology in RFCs Mark Rousell
- Re: Diversity and offensive terminology in RFCs Mark Rousell
- Re: Diversity and offensive terminology in RFCs Phillip Hallam-Baker
- Re: Diversity and offensive terminology in RFCs Lloyd Wood
- Re: Diversity and offensive terminology in RFCs Lloyd Wood
- On-path attackers (Was: Re: Diversity and offensi… Jari Arkko
- Re: why exactly is HRPC for, was Diversity and of… Eliot Lear
- Re: why exactly is HRPC for, was Diversity and of… Niels ten Oever
- Re: why exactly is HRPC for, was Diversity and of… Lloyd Wood
- Re: Diversity and offensive terminology in RFCs Eliot Lear
- Re: On-path attackers (Was: Re: Diversity and off… Kathleen Moriarty
- Re: Diversity and offensive terminology in RFCs Alissa Cooper
- Re: why exactly is HRPC for, was Diversity and of… Paul Wouters
- Re: why exactly is HRPC for, was Diversity and of… Ted Lemon
- Re: On-path attackers (Was: Re: Diversity and off… Donald Eastlake
- Re: why exactly is HRPC for, was Diversity and of… Lloyd Wood
- Re: Diversity and offensive terminology in RFCs Niels ten Oever
- Re: On-path attackers (Was: Re: Diversity and off… Toerless Eckert
- Re: Diversity and offensive terminology in RFCs Ted Lemon
- Re: Diversity and offensive terminology in RFCs Anton Ivanov
- Re: On-path attackers (Was: Re: Diversity and off… Ted Lemon
- Re: why exactly is HRPC for, was Diversity and of… John R Levine
- Re: Diversity and offensive terminology in RFCs Paul Wouters
- Re: Diversity and offensive terminology in RFCs Eliot Lear
- Re: Diversity and offensive terminology in RFCs Phillip Hallam-Baker
- Re: Diversity and offensive terminology in RFCs Toerless Eckert
- Re: Diversity and offensive terminology in RFCs Nico Williams
- Re: why exactly is HRPC for, was Diversity and of… Avri
- Re: Diversity and offensive terminology in RFCs Spencer Dawkins at IETF
- Re: Diversity and offensive terminology in RFCs Dave Cridland
- Re: why exactly is HRPC for, was Diversity and of… John Levine
- Re: why exactly is HRPC for, was Diversity and of… Spencer Dawkins at IETF
- Re: why exactly is HRPC for, was Diversity and of… Allison Mankin
- Tell me if I should send this Re: why exactly is … Mallory Knodel
- Mallory-in-the-middle attacks (Re: SV: Diversity … Nico Williams
- Re: Diversity and offensive terminology in RFCs Nico Williams
- Re: On-path attackers (Was: Re: Diversity and off… Brian E Carpenter
- Re: Diversity and offensive terminology in RFCs Glenn Deen
- Re: Mallory-in-the-middle attacks (Re: SV: Divers… Nico Williams
- Re: Tell me if I should send this Re: why exactly… lloyd.wood
- Re: Mallory-in-the-middle attacks (Re: SV: Divers… Mallory Knodel
- Re: why exactly is HRPC for, was Diversity and of… Mallory Knodel
- Re: Diversity and offensive terminology in RFCs Abdussalam Baryun
- Re: why exactly is HRPC for, was Diversity and of… S Moonesamy
- Re: why exactly is HRPC for, was Diversity and of… Mallory Knodel