Re: [saag] Is traffic analysis really a target (was Re: Is opportunistic unauthenticated encryption a waste of time?)
"Henry B (Hank) Hotz, CISSP" <hbhotz@oxy.edu> Mon, 25 August 2014 05:22 UTC
Return-Path: <hbhotz@oxy.edu>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F25601A8A1F; Sun, 24 Aug 2014 22:22:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dGFIBkpHA6_1; Sun, 24 Aug 2014 22:22:07 -0700 (PDT)
Received: from mailout.easymail.ca (mailout.easymail.ca [64.68.201.169]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D136A1A8A15; Sun, 24 Aug 2014 22:22:06 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mailout.easymail.ca (Postfix) with ESMTP id 0A3B1DFB9; Mon, 25 Aug 2014 01:22:05 -0400 (EDT)
X-Virus-Scanned: Debian amavisd-new at mailout.easymail.ca
Received: from mailout.easymail.ca ([127.0.0.1]) by localhost (easymail-mailout.easydns.vpn [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CzpUXRalMMIN; Mon, 25 Aug 2014 01:22:04 -0400 (EDT)
Received: from [172.20.12.170] (unknown [12.206.184.130]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mailout.easymail.ca (Postfix) with ESMTPSA id 05781DFB4; Mon, 25 Aug 2014 01:22:03 -0400 (EDT)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
Subject: Re: [saag] Is traffic analysis really a target (was Re: Is opportunistic unauthenticated encryption a waste of time?)
From: "Henry B (Hank) Hotz, CISSP" <hbhotz@oxy.edu>
In-Reply-To: <20140825023619.A28411D724E3@rock.dv.isc.org>
Date: Mon, 25 Aug 2014 01:22:03 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <9E04F9BB-BEAD-4B97-B07A-0A3A4E5ADF69@oxy.edu>
References: <53F548E5.2070208@cs.tcd.ie>, <53F54F1C.1060405@dcrocker.net>, <53F5D303.1090400@cs.tcd.ie>, <CAMm+LwhmJpnU8E9ifA47baneGB=qjHzU_cy+wepPYLXrOhB+Pg@mail.gmail.com>, <20140821160402.GT14392@mournblade.imrryr.org>, <f5d8b5dc37b84f709c8f2df7c7a69daf@AMSPR06MB439.eurprd06.prod.outlook.com>, <CAK3OfOgZzoXVnrE8Nbs6mwN2xD_snbzH9jT8TsYOVt8UASahYQ@mail.gmail.com>, <a354d63505924d76a15b505e60e27a16@AMSPR06MB439.eurprd06.prod.outlook.com>, <20140822140000.GE14392@mournblade.imrryr.org>, <BLU181-W84354FE6BEF12305A2A7DB93D10@phx.gbl>, <20140823040550.GQ5909@localhost> <BLU181-W307B52819C577693183E2D93D10@phx.gbl>, <53F8FA97.2020607@cs.tcd.ie> <BLU181-W664365D566637BE6D0E67493D10@phx.gbl> <53F908A1.6040207@cs.tcd.ie> <8BBAE4BE-F816-4170-9533-6400ACE463EA@cs.georgetown.edu> <6461D9C5-8B0B-42D3-9877-32DB3E6150C6@standardstrack.com> <20140825023619.A28411D724E3@rock.dv.isc.org>
To: Mark Andrews <marka@isc.org>
X-Mailer: Apple Mail (2.1878.6)
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/yqhOMuZCPFp5Ousn_uOI6PXu93s
Cc: "saag@ietf.org" <saag@ietf.org>, Eric Burger <eburger@standardstrack.com>, "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Aug 2014 05:22:09 -0000
On Aug 24, 2014, at 10:36 PM, Mark Andrews <marka@isc.org> wrote: > In message <6461D9C5-8B0B-42D3-9877-32DB3E6150C6@standardstrack.com>, Eric Burger writes: > >> we have an existence proof of the mess that happens when we make >> all traffic look benign. By its nature all non-benign traffic will want to *look* benign. What makes me sad are the idiots with firewalls blocking access to all traffic other than TCP and UDP. We keep trying to make ourselves secure by limiting the standards support of the network instead of using a mix of techniques (defense in depth). Sorry. Preaching to the choir I’m sure. Personal email. hbhotz@oxy.edu
- Adept Encryption: Was: [saag] DANE should be more… Phillip Hallam-Baker
- Re: Adept Encryption: Was: [saag] DANE should be … Paul Wouters
- Re: Adept Encryption: Was: [saag] DANE should be … Stephen Farrell
- Re: Adept Encryption: Was: [saag] DANE should be … Nico Williams
- Re: Adept Encryption: Was: [saag] DANE should be … Dave Crocker
- Re: Adept Encryption: Was: [saag] DANE should be … Scott Kitterman
- RE: Adept Encryption: Was: [saag] DANE should be … l.wood
- Re: Adept Encryption: Was: [saag] DANE should be … Stephen Farrell
- Re: Adept Encryption: Was: [saag] DANE should be … Phillip Hallam-Baker
- Re: Adept Encryption: Was: [saag] DANE should be … Stephen Kent
- Re: Adept Encryption: Was: [saag] DANE should be … Viktor Dukhovni
- Re: Adept Encryption: Was: [saag] DANE should be … Viktor Dukhovni
- Re: [saag] Adept Encryption: Was: DANE should be … Nico Williams
- RE: Adept Encryption: Was: [saag] DANE should be … Christian Huitema
- Re: Adept Encryption: Was: [saag] DANE should be … Nico Williams
- RE: Adept Encryption: Was: [saag] DANE should be … l.wood
- Re: [saag]: Review of: Opportunistic Security -03… Viktor Dukhovni
- Re: [saag] Adept Encryption: Was: DANE should be … Nico Williams
- RE: [saag] Adept Encryption: Was: DANE should be … l.wood
- Re: Adept Encryption: Was: [saag] DANE should be … Stephen Farrell
- Re: [saag] Is opportunistic unauthenticated encry… Viktor Dukhovni
- Re: [saag]: Review of: Opportunistic Security -03… Paul Wouters
- Re: [saag] : Review of: Opportunistic Security -0… Stephen Kent
- Re: [saag] Adept Encryption: Was: DANE should be … Stephen Kent
- RE: [saag] Is opportunistic unauthenticated encry… Bernard Aboba
- Re: [saag] Is opportunistic unauthenticated encry… Theodore Ts'o
- RE: [saag] Is opportunistic unauthenticated encry… Christian Huitema
- Re: [saag] Is opportunistic unauthenticated encry… Nico Williams
- RE: [saag] Is opportunistic unauthenticated encry… Bernard Aboba
- Re: [saag] Is opportunistic unauthenticated encry… Stephen Farrell
- RE: [saag] Is opportunistic unauthenticated encry… Bernard Aboba
- Re: [saag] Is opportunistic unauthenticated encry… Viktor Dukhovni
- Re: [saag] Is opportunistic unauthenticated encry… Stephen Farrell
- Re: [saag] Is opportunistic unauthenticated encry… Fernando Gont
- Re: Is traffic analysis really a target (was Re: … Eric Burger
- Re: Is traffic analysis really a target (was Re: … Michael StJohns
- Re: [saag] Is opportunistic unauthenticated encry… Dave Crocker
- Re: Is traffic analysis really a target (was Re: … Brian E Carpenter
- Re: [saag] Is opportunistic unauthenticated encry… joel jaeggli
- Re: [saag] Is opportunistic unauthenticated encry… Fernando Gont
- Re: [saag] Is opportunistic unauthenticated encry… joel jaeggli
- Re: [saag] Is opportunistic unauthenticated encry… Fernando Gont
- Re: Is traffic analysis really a target (was Re: … Mark Andrews
- Re: [saag] Is traffic analysis really a target (w… Henry B (Hank) Hotz, CISSP
- Re: Is traffic analysis really a target (was Re: … Ted Hardie
- RE: [saag] Is opportunistic unauthenticated encry… Hosnieh Rafiee
- Re: Is traffic analysis really a target (was Re: … Brian E Carpenter
- Re: Is traffic analysis really a target (was Re: … Nico Williams
- Re: Is traffic analysis really a target (was Re: … Eric Burger