Re: [perpass] Cops hate encryption but the NSA loves it when you use PGP

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sun, 31 January 2016 19:13 UTC

To: dcrocker@bbiw.net, Nicholas Weaver <nweaver@icsi.berkeley.edu>, "Matthijs R. Koot" <matthijs@koot.biz>
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/1q6bjfFPDjaNqzhfU-hUX_l9vS4>
Cc: perpass@ietf.org


On 31/01/16 19:03, Dave Crocker wrote:
> 
> On 1/31/2016 10:53 AM, Stephen Farrell wrote:
>> Given that much
>> SMTP is now transmitted over TLS, I think the opportunity
>> for the likes of NSA to record all the PGP ciphertext has
>> to have been significantly diminished.
> 
> 
> This depends on the degree of cooperation they get from operators, since
> TLS is only for one hop and the message is in the clear at any
> SMTP-level transit points.

Sure. OTOH, it also means that the PGP ciphertext can no longer
be as easily extracted from almost any network tap, which used
to be the case. And (absent an attacker) doesn't most mail these
days only tend to transit the public Internet in one hop? My point
is not that the current situation is perfect (it is not) but that
it is improving and vastly improved on what we had deployed that
got used 3 years ago. (IOW, I'm an optimist but hopefully not a
fantasticist:-)

S.

> 
> d/
> 