RE: [saag] Ten years after Snowden (2013 - 2023), is IETF keeping its promises?
Antoine FRESSANCOURT <antoine.fressancourt@huawei.com> Wed, 04 January 2023 08:59 UTC
Return-Path: <antoine.fressancourt@huawei.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D37C3C14CF03; Wed, 4 Jan 2023 00:59:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.198
X-Spam-Level:
X-Spam-Status: No, score=-4.198 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YF2Xp6CqWlcW; Wed, 4 Jan 2023 00:59:06 -0800 (PST)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D07B2C14F74E; Wed, 4 Jan 2023 00:59:05 -0800 (PST)
Received: from lhrpeml500002.china.huawei.com (unknown [172.18.147.201]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4Nn3N05Nykz67Nc8; Wed, 4 Jan 2023 16:55:28 +0800 (CST)
Received: from lhrpeml500003.china.huawei.com (7.191.162.67) by lhrpeml500002.china.huawei.com (7.191.160.78) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Wed, 4 Jan 2023 08:59:03 +0000
Received: from lhrpeml500003.china.huawei.com ([7.191.162.67]) by lhrpeml500003.china.huawei.com ([7.191.162.67]) with mapi id 15.01.2375.034; Wed, 4 Jan 2023 08:59:03 +0000
From: Antoine FRESSANCOURT <antoine.fressancourt@huawei.com>
To: Stewart Bryant <stewart.bryant@gmail.com>, Dino Farinacci <farinacci@gmail.com>
CC: Brian E Carpenter <brian.e.carpenter@gmail.com>, John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "hrpc@irtf.org" <hrpc@irtf.org>, "pearg@irtf.org" <pearg@irtf.org>, saag <saag@ietf.org>
Subject: RE: [saag] Ten years after Snowden (2013 - 2023), is IETF keeping its promises?
Thread-Topic: [saag] Ten years after Snowden (2013 - 2023), is IETF keeping its promises?
Thread-Index: AQHZH1ufkLvtCC06XE6xjs5DjZimWq6NF5nVgAAvQoCAAKEtgIAACOuA
Date: Wed, 04 Jan 2023 08:59:03 +0000
Message-ID: <3c3230f3783b4ec9a8a9e3bb87cc2a8d@huawei.com>
References: <9C9FAB23-D95D-4BB6-820C-95DA8018451B@gmail.com> <9E792EAB-29DF-4A7F-8F6B-BD5BF8041167@gmail.com>
In-Reply-To: <9E792EAB-29DF-4A7F-8F6B-BD5BF8041167@gmail.com>
Accept-Language: fr-FR, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.206.215.38]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/bEaC6ZrXtrLKFZcujVlmkQ5kcaM>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IETF-Discussion. This is the most general IETF mailing list, intended for discussion of technical, procedural, operational, and other topics for which no dedicated mailing lists exist." <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jan 2023 08:59:09 -0000
Hello, IP addresses are indeed topological. As you mentioned, the challenge with making the network layer privacy-preserving is how to route the packet without revealing the source and destination of packets. In the literature, there has been two approaches to this challenge: using a set of indirection elements (proxies, onion relays, private relays, you name them) in order to keep a sense of destination-based routing or using a source routing approach so that the source encodes the path to the destination using a sequentially encrypted data structure that is decrypted little by little by the elements relaying the packet. The latter approach is for example demonstrated in Sphinx or Hornet, two academic work in the area of privacy-preserving communications. I think this later approach has not been given enough attention in practical solutions, and I would be interested in working on the challenges raised by such an approach in the realm of the IETF. If the data plane becomes anonymous, there is indeed a need to also have privacy in the control plane. In my view, this is less challenging because the timing constraints in the control plane are (a bit) less constraining, and we can use techniques studied in PPM or OHAI WG. For instance, if we adopt the source-routed approach to protect privacy at the IP layer, we need to have a privacy-preserving path computation element of some sort. This element could be developed using techniques from private information retrieval, secure multiparty computation or oblivious transfer. Would there be interest in the community to have a document summarizing the state of affairs and remaining challenges of IP layer anonymization? I volunteer to start such a document if there is. Best regards, Antoine -----Original Message----- From: saag <saag-bounces@ietf.org> On Behalf Of Stewart Bryant Sent: mercredi 4 janvier 2023 09:06 To: Dino Farinacci <farinacci@gmail.com> Cc: Brian E Carpenter <brian.e.carpenter@gmail.com>; John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>; ietf@ietf.org; hrpc@irtf.org; pearg@irtf.org; saag <saag@ietf.org> Subject: Re: [saag] Ten years after Snowden (2013 - 2023), is IETF keeping its promises? For all end to end communications the routing system needs to know how to deliver the packet. Obscuring the mapping between the address and the location moves the anonymisation problem from the data plane to the routing plane. This makes life harder for the observer, but I am not sure that it makes it sufficiently hard as to be worth the cost. One advantage of the topological association of addresses is the intrinsic address aggregation property which both reduces routing traffic overhead and speeds up convergence. Stewart Sent from my iPad > On 3 Jan 2023, at 22:29, Dino Farinacci <farinacci@gmail.com> wrote: > > EIDs are not topological. We have all known this for a very long time. We can make them ephemeral as well, we can make them cryptographic. > > Dino > >> On Jan 3, 2023, at 11:38 AM, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote: >> >>> On 03-Jan-23 23:27, John Mattsson wrote: >>> >>> IP addresses are still not only long-lived trackable identifiers, but they also reveal your location. >> >> IP addressing is intrinsically topological, so this is never going to change. >> >> (Temporary IPv6 addresses are not long-lived, but they remain topological.) >> >> Brian >> >> _______________________________________________ >> saag mailing list >> saag@ietf.org >> https://www.ietf.org/mailman/listinfo/saag > _______________________________________________ saag mailing list saag@ietf.org https://www.ietf.org/mailman/listinfo/saag
- Ten years after Snowden (2013 - 2023), is IETF ke… John Mattsson
- Re: Ten years after Snowden (2013 - 2023), is IET… Lloyd W
- Re: Ten years after Snowden (2013 - 2023), is IET… Brian E Carpenter
- Re: Ten years after Snowden (2013 - 2023), is IET… Phillip Hallam-Baker
- Re: Ten years after Snowden (2013 - 2023), is IET… Christian Huitema
- Re: [saag] Ten years after Snowden (2013 - 2023),… Dino Farinacci
- Re: Ten years after Snowden (2013 - 2023), is IET… Dave Taht
- Re: [hrpc] Ten years after Snowden (2013 - 2023),… Adrian Gropper
- Re: [saag] Ten years after Snowden (2013 - 2023),… Stewart Bryant
- RE: [saag] Ten years after Snowden (2013 - 2023),… Antoine FRESSANCOURT
- Re: [saag] Ten years after Snowden (2013 - 2023),… Lloyd W
- Re: Ten years after Snowden (2013 - 2023), is IET… Masataka Ohta
- Re: [saag] Ten years after Snowden (2013 - 2023),… George Michaelson
- Re: [hrpc] Ten years after Snowden (2013 - 2023),… Niels ten Oever
- Re: Ten years after Snowden (2013 - 2023), is IET… Vittorio Bertola
- Re: Ten years after Snowden (2013 - 2023), is IET… Dave Taht
- Re: [saag] Ten years after Snowden (2013 - 2023),… Phillip Hallam-Baker
- Re: [hrpc] Ten years after Snowden (2013 - 2023),… Paul Wouters
- Re: Ten years after Snowden (2013 - 2023), is IET… Viktor Dukhovni
- Re: [saag] Ten years after Snowden (2013 - 2023),… Eric Rescorla
- Re: [saag] Ten years after Snowden (2013 - 2023),… Dino Farinacci
- Re: [saag] Ten years after Snowden (2013 - 2023),… Dino Farinacci
- Re: [saag] Ten years after Snowden (2013 - 2023),… Dino Farinacci
- Re: [saag] Ten years after Snowden (2013 - 2023),… Brian E Carpenter
- Re: [saag] Ten years after Snowden (2013 - 2023),… Phillip Hallam-Baker
- Re: [saag] Ten years after Snowden (2013 - 2023),… Tony Rutkowski
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Vittorio Bertola
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Ted Hardie
- Re: [Pearg] [saag] Ten years after Snowden (2013 … John Mattsson
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Tony Rutkowski
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Brad Chen
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Kyle Rose
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Eric Rescorla
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Brad Chen
- RE: [Pearg] [saag] Ten years after Snowden (2013 … Antoine FRESSANCOURT
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Tony Rutkowski
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Alan DeKok
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Tony Rutkowski
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Phillip Hallam-Baker
- Re: [EXT] Re: [Pearg] [saag] Ten years after Snow… Vittorio Bertola
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Alan DeKok
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Dave Taht
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Tony Rutkowski
- Re: [hrpc] Ten years after Snowden (2013 - 2023),… Stephen Farrell
- Re: [saag] Ten years after Snowden (2013 - 2023),… Dino Farinacci
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Deen, Glenn (NBCUniversal)
- Re: [hrpc] [saag] [Pearg] Ten years after Snowden… bzs
- Re: [saag] Ten years after Snowden (2013 - 2023),… Phillip Hallam-Baker
- Re: [saag] Ten years after Snowden (2013 - 2023),… Dino Farinacci
- Re: [hrpc] [saag] [Pearg] Ten years after Snowden… Laurence Lundblade
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Mark Nottingham
- Re: [hrpc] Ten years after Snowden (2013 - 2023),… Abdussalam Baryun
- Re: [hrpc] [saag] [Pearg] Ten years after Snowden… Abdussalam Baryun
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Brad Chen
- Re: [hrpc] [saag] [Pearg] Ten years after Snowden… Laurence Lundblade
- Re: [saag] Ten years after Snowden (2013 - 2023),… Stewart Bryant
- Re: [saag] Ten years after Snowden (2013 - 2023),… Stewart Bryant
- Re: [saag] Ten years after Snowden (2013 - 2023),… Stewart Bryant
- Re: [saag] Ten years after Snowden (2013 - 2023),… Brian E Carpenter
- Re: [saag] Ten years after Snowden (2013 - 2023),… Kyle Rose
- Re: [saag] Ten years after Snowden (2013 - 2023),… Phillip Hallam-Baker
- Re: [saag] Ten years after Snowden (2013 - 2023),… Phillip Hallam-Baker
- Re: [hrpc] [Pearg] [saag] Ten years after Snowden… Adrian Gropper
- Re: [saag] Ten years after Snowden (2013 - 2023),… Dino Farinacci
- Re: [saag] [hrpc] [Pearg] Ten years after Snowden… Tony Rutkowski
- times square 15 sec delay new years Dave Taht
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Vittorio Bertola
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Alec Muffett
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Tony Rutkowski
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Alec Muffett
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Mark Nottingham
- Re: [hrpc] [Pearg] [saag] Ten years after Snowden… Vittorio Bertola
- Re: [hrpc] [Pearg] [saag] Ten years after Snowden… Ted Lemon
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Phillip Hallam-Baker
- Re: [hrpc] [Pearg] [saag] Ten years after Snowden… Phillip Hallam-Baker
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Tony Rutkowski
- Re: [Pearg] times square 15 sec delay new years Jens Finkhaeuser
- Re: [Pearg] times square 15 sec delay new years Jens Finkhaeuser
- Re: [saag] Ten years after Snowden (2013 - 2023),… Kyle Rose
- Re: [Pearg] times square 15 sec delay new years Lloyd W
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Phillip Hallam-Baker
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Tony Rutkowski
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Lloyd W
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Phillip Hallam-Baker
- Re: [saag] [Pearg] Ten years after Snowden (2013 … Keith Moore
- Re: [saag] [hrpc] [Pearg] Ten years after Snowden… Masataka Ohta
- Re: Re: [saag] [hrpc] [Pearg] Ten years after Sno… wanzerbusi
- Re: [saag] Ten years after Snowden (2013 - 2023),… Masataka Ohta
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Fernando Gont
- Re: [Pearg] [saag] Ten years after Snowden (2013 … Luigi Iannone