[Pearg] New I-D on Privacy and Security Threat Analysis for Private Messaging

Bernie Hoeneisen <bernie@ietf.hoeneisen.ch> Thu, 31 October 2019 21:30 UTC

Return-Path: <bernie@ietf.hoeneisen.ch>
X-Original-To: pearg@ietfa.amsl.com
Delivered-To: pearg@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 03AF7120AA2; Thu, 31 Oct 2019 14:30:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id EPbyhTCBhLQc; Thu, 31 Oct 2019 14:30:39 -0700 (PDT)
Received: from softronics.hoeneisen.ch (softronics.hoeneisen.ch []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C3371208D5; Thu, 31 Oct 2019 14:30:38 -0700 (PDT)
Received: from localhost ([]) by softronics.hoeneisen.ch with esmtp (Exim 4.86_2) (envelope-from <bernie@ietf.hoeneisen.ch>) id 1iQI1c-00021t-H8; Thu, 31 Oct 2019 22:30:36 +0100
Date: Thu, 31 Oct 2019 22:30:36 +0100 (CET)
From: Bernie Hoeneisen <bernie@ietf.hoeneisen.ch>
X-X-Sender: bhoeneis@softronics.hoeneisen.ch
To: IETF PEARG List <pearg@irtf.org>
cc: IETF MEDUP ML <medup@ietf.org>
Message-ID: <alpine.DEB.2.20.1910312212280.25390@softronics.hoeneisen.ch>
User-Agent: Alpine 2.20 (DEB 67 2015-01-07)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed
X-SA-Exim-Mail-From: bernie@ietf.hoeneisen.ch
X-SA-Exim-Scanned: No (on softronics.hoeneisen.ch); SAEximRunCond expanded to false
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/si1GUU-dOFJ6_9pKkbjCGC_hu_o>
Subject: [Pearg] New I-D on Privacy and Security Threat Analysis for Private Messaging
X-BeenThere: pearg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/pearg>, <mailto:pearg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pearg/>
List-Post: <mailto:pearg@irtf.org>
List-Help: <mailto:pearg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pearg>, <mailto:pearg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Oct 2019 21:30:47 -0000

Dear PEARG List

Please be informed that we have just submitted a new Internet-Draft on 
"Privacy and Security Threat Analysis for Private Messaging".
(More information, see below.)


This work is a split-out of the general MEDUP (Missing Elements for 
Decentralized Usable Privacy) approach, which is about enhancements to 
application protocols for decentralized usable privacy.

   https://www.ietf.org/mailman/listinfo/medup (Non-WG mailing list)

A predecessor of this document was discussed in MEDUP. We concluded that 
this work is more generic and likely much more in scope for PEARG.

Iraklis (the main author) will present this during the PEARG meeting in 
Singapore and we may consider to assume this as PEARG WG item.

Looking forward to your feedback and comments on the PEARG mailing list.

All the best

---------- Forwarded message ----------

A new version of I-D, draft-symeonidis-pearg-private-messaging-threats-00.txt
has been successfully submitted by Bernie Hoeneisen and posted to the
IETF repository.

Name:		draft-symeonidis-pearg-private-messaging-threats
Revision:	00
Title:		Privacy and Security Threat Analysis for Private Messaging
Document date:	2019-10-31
Group:		Individual Submission
Pages:		13
URL:            https://www.ietf.org/internet-drafts/draft-symeonidis-pearg-private-messaging-threats-00.txt
Status:         https://datatracker.ietf.org/doc/draft-symeonidis-pearg-private-messaging-threats/
Htmlized:       https://tools.ietf.org/html/draft-symeonidis-pearg-private-messaging-threats-00
Htmlized:       https://datatracker.ietf.org/doc/html/draft-symeonidis-pearg-private-messaging-threats

    Modern email and instant messaging applications offer private
    communications between users.  As IM and Email network designs become
    more similar, both share common concerns about security and privacy
    of the information exchanged.  However, the solutions available to
    mitigate these threats and to comply with the requirements may
    differ.  The two communication methods are, in fact, built on
    differing assumptions and technologies.  Assuming a scenario of
    untrusted servers, we analyze threats against message delivery and
    storage, the requirements that these systems need, and the solutions
    that exist in order to help implement secure and private messaging.
    From the discussed technological challenges and requirements, we aim
    to derive an open standard for private messaging.

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat