Re: [saag] Ten years after Snowden (2013 - 2023), is IETF keeping its promises?

Brian E Carpenter <brian.e.carpenter@gmail.com> Wed, 04 January 2023 21:24 UTC

Message-ID: <5e37bbe7-c785-6f52-7841-6562d8e77fe1@gmail.com>
Date: Thu, 05 Jan 2023 10:24:27 +1300
To: George Michaelson <ggm@algebras.org>, Lloyd W <lloyd.wood=40yahoo.co.uk@dmarc.ietf.org>
Cc: Antoine FRESSANCOURT <antoine.fressancourt=40huawei.com@dmarc.ietf.org>, IETF Discussion Mailing List <ietf@ietf.org>, pearg@irtf.org, John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, saag <saag@ietf.org>, Dino Farinacci <farinacci@gmail.com>, hrpc@irtf.org
References: <3c3230f3783b4ec9a8a9e3bb87cc2a8d@huawei.com> <08C49067-DB4C-41AB-A6F3-B96BDBE0A4BC@yahoo.co.uk> <CAKr6gn0tFXEV-h7LH1_Ts5iQRw_mGEi=TqS7hsyK-SqDFmmY-A@mail.gmail.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
In-Reply-To: <CAKr6gn0tFXEV-h7LH1_Ts5iQRw_mGEi=TqS7hsyK-SqDFmmY-A@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/obDASQ98ainlI6dVTeA3E7NnGnA>

Credit where it's due: Sourceless Network Architecture was described many years ago:

https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-849.pdf

Regards
    Brian

On 04-Jan-23 22:35, George Michaelson wrote:
> Put a nonce source IP in the packet header and the real source as 4-16 bytes of PFS-protected payload.
> 
> Use asymmetric routing. A single point of capture which isn't close to source or destination is occluded.
> 
> Can't fix a warrant tap, but can at least obfuscate for on-path.
> 
> G