Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA

jnc@mercury.lcs.mit.edu (Noel Chiappa) Fri, 06 September 2013 14:01 UTC

To: ietf@ietf.org
Subject: Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA
Message-Id: <20130906140110.461FD18C11B@mercury.lcs.mit.edu>
Date: Fri, 06 Sep 2013 10:01:10 -0400
From: jnc@mercury.lcs.mit.edu
Cc: jnc@mercury.lcs.mit.edu

    > From: Martin Millnert <martin@millnert.se>

    > Bruce was ... suggesting that encrypting everything on the wire makes
    > both metadata and payload collection from wires less valuable. Here
    > comes the key point: Encrypting everything on the wire raises the cost
    > for untargeted mass surveillance significantly. And that is what it is
    > all about.

I have no problems with encrypting everything, as long as we realize that in
doing so, we're only solving one corner of the problem, and the watchers will
just move their efforts elsewhere; all intelligent attackers always look for
the weak point, no?

(Although I have to wonder at the computing load needed to do so. I gather
e.g. Google's datacenters use enormous amounts of energy - I wonder if mass
encryption of all traffic on the Internet would be literally a 'boiling the
ocean' solution... I'm amused by the memory of people who used to react with
shock and horror to variable length addresses, because of the extra
computational load required to handle _them_....)

    > And best is of course if this can be end to end

That's going to take quite a while to accomplish; it requires updating all the
hosts. (I know, we don't have to get to 99.9%, but it's still non-trivial to
get to, say, 70%.)

	Noel