[Pearg] New I-D on Privacy and Security Threat Analysis for Private Messaging
Bernie Hoeneisen <bernie@ietf.hoeneisen.ch> Thu, 31 October 2019 21:30 UTC
Return-Path: <bernie@ietf.hoeneisen.ch>
X-Original-To: pearg@ietfa.amsl.com
Delivered-To: pearg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 03AF7120AA2; Thu, 31 Oct 2019 14:30:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EPbyhTCBhLQc; Thu, 31 Oct 2019 14:30:39 -0700 (PDT)
Received: from softronics.hoeneisen.ch (softronics.hoeneisen.ch [62.2.86.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C3371208D5; Thu, 31 Oct 2019 14:30:38 -0700 (PDT)
Received: from localhost ([127.0.0.1]) by softronics.hoeneisen.ch with esmtp (Exim 4.86_2) (envelope-from <bernie@ietf.hoeneisen.ch>) id 1iQI1c-00021t-H8; Thu, 31 Oct 2019 22:30:36 +0100
Date: Thu, 31 Oct 2019 22:30:36 +0100
From: Bernie Hoeneisen <bernie@ietf.hoeneisen.ch>
X-X-Sender: bhoeneis@softronics.hoeneisen.ch
To: IETF PEARG List <pearg@irtf.org>
cc: IETF MEDUP ML <medup@ietf.org>
Message-ID: <alpine.DEB.2.20.1910312212280.25390@softronics.hoeneisen.ch>
User-Agent: Alpine 2.20 (DEB 67 2015-01-07)
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Mail-From: bernie@ietf.hoeneisen.ch
X-SA-Exim-Scanned: No (on softronics.hoeneisen.ch); SAEximRunCond expanded to false
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/si1GUU-dOFJ6_9pKkbjCGC_hu_o>
Subject: [Pearg] New I-D on Privacy and Security Threat Analysis for Private Messaging
X-BeenThere: pearg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/pearg>, <mailto:pearg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pearg/>
List-Post: <mailto:pearg@irtf.org>
List-Help: <mailto:pearg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pearg>, <mailto:pearg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Oct 2019 21:30:47 -0000
Dear PEARG List CC MEDUP List Please be informed that we have just submitted a new Internet-Draft on "Privacy and Security Threat Analysis for Private Messaging". (More information, see below.) https://tools.ietf.org/html/draft-symeonidis-pearg-private-messaging-threats-00 This work is a split-out of the general MEDUP (Missing Elements for Decentralized Usable Privacy) approach, which is about enhancements to application protocols for decentralized usable privacy. https://www.ietf.org/mailman/listinfo/medup (Non-WG mailing list) A predecessor of this document was discussed in MEDUP. We concluded that this work is more generic and likely much more in scope for PEARG. Iraklis (the main author) will present this during the PEARG meeting in Singapore and we may consider to assume this as PEARG WG item. Looking forward to your feedback and comments on the PEARG mailing list. All the best Bernie ---------- Forwarded message ---------- A new version of I-D, draft-symeonidis-pearg-private-messaging-threats-00.txt has been successfully submitted by Bernie Hoeneisen and posted to the IETF repository. Name: draft-symeonidis-pearg-private-messaging-threats Revision: 00 Title: Privacy and Security Threat Analysis for Private Messaging Document date: 2019-10-31 Group: Individual Submission Pages: 13 URL: https://www.ietf.org/internet-drafts/draft-symeonidis-pearg-private-messaging-threats-00.txt Status: https://datatracker.ietf.org/doc/draft-symeonidis-pearg-private-messaging-threats/ Htmlized: https://tools.ietf.org/html/draft-symeonidis-pearg-private-messaging-threats-00 Htmlized: https://datatracker.ietf.org/doc/html/draft-symeonidis-pearg-private-messaging-threats Abstract: Modern email and instant messaging applications offer private communications between users. As IM and Email network designs become more similar, both share common concerns about security and privacy of the information exchanged. However, the solutions available to mitigate these threats and to comply with the requirements may differ. The two communication methods are, in fact, built on differing assumptions and technologies. Assuming a scenario of untrusted servers, we analyze threats against message delivery and storage, the requirements that these systems need, and the solutions that exist in order to help implement secure and private messaging. From the discussed technological challenges and requirements, we aim to derive an open standard for private messaging. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat
- [Pearg] New I-D on Privacy and Security Threat An… Bernie Hoeneisen