Re: [Pearg] draft-irtf-pearg-censorship review

Joseph Lorenzo Hall <hall@isoc.org> Mon, 18 May 2020 16:43 UTC

From: Joseph Lorenzo Hall <hall@isoc.org>
To: Christopher Wood <caw@heapingbits.net>
CC: "pearg@irtf.org" <pearg@irtf.org>
Date: Mon, 18 May 2020 16:43:17 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/j7AZxJCGkVzxW72fCaIrhc7T2Mc>

Thanks, Chris! … one last thing and I’ll peel off a new version shortly:

On Apr 30, 2020, at 7:00 PM, Christopher Wood <caw@heapingbits.net> wrote:

* Section 4.2.3: It's probably worth mentioning QUIC here, especially as it complicates this type of attack. It might also be worth citing recent research [3] on off-path TCP attacks, noting that the censor need not be on-path to interfere with service.

(That off-path paper is awesome! Had not seen that.)

Cool, that makes sense about QUIC. I don't have a good feel for what to
write here. How does this feel, "Note, the increasingly popular QUIC
protocol is based on UDP, a connection-less transport protocol, so
cannot be attacked using TCP RST packet injection."

That seems a bit weird... but it sounds like there may be more under
the surface to your comment so please suggest how that text above could
be better cleaned up?

I'd probably just say something like, "QUIC is not vulnerable to these types of injection attacks. See {{quic-draft}} for more details."


Done.


* Section 3.2.1: The [Verkamp-2012] reference seems broken.

Hmmm, I don't see this. The link works (
https://www.usenix.org/system/files/conference/foci12/foci12-final1.pdf
) and the reference is rendering correctly.

Oh, sorry, the link is working, it's the reference in the document (the forward pointer to the references section) that's broken (not clickable):

  https://tools.ietf.org/html/draft-irtf-pearg-censorship-02#section-3.2.1

I can’t reproduce this locally. The HTML output on my side has the correct anchor, etc. I’ll upload a new version to the datatracker and see if that fixes it… if not, I’ll dig deeper and see if it’s MT’s markdown tool or datatracker, etc.

best, Joe

--
Joseph Lorenzo Hall, Senior Vice President, Strong Internet
hall@isoc.org | +1-703-483-9504
internetsociety.org | @internetsociety
pgp: https://josephhall.org/gpg-key
3CA28D7B9F6DDBD34B1016075F86698740A9A871