IETF Logo Mail Archive

Re: [perpass] SMTP and SRV records

Robin Wilton <wilton@isoc.org> Wed, 25 November 2015 13:28 UTC

Return-Path: <wilton@isoc.org>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2040B1B2C89 for <perpass@ietfa.amsl.com>; Wed, 25 Nov 2015 05:28:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zOJWMymf5fjS for <perpass@ietfa.amsl.com>; Wed, 25 Nov 2015 05:28:26 -0800 (PST)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1on0605.outbound.protection.outlook.com [IPv6:2a01:111:f400:fc10::605]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DF82A1B2C7A for <perpass@ietf.org>; Wed, 25 Nov 2015 05:28:25 -0800 (PST)
Received: from SN1PR06MB1839.namprd06.prod.outlook.com (10.162.133.18) by SN1PR06MB1840.namprd06.prod.outlook.com (10.162.133.15) with Microsoft SMTP Server (TLS) id 15.1.331.20; Wed, 25 Nov 2015 13:28:04 +0000
Received: from SN1PR06MB1839.namprd06.prod.outlook.com ([10.162.133.18]) by SN1PR06MB1839.namprd06.prod.outlook.com ([10.162.133.18]) with mapi id 15.01.0331.019; Wed, 25 Nov 2015 13:28:04 +0000
From: Robin Wilton <wilton@isoc.org>
To: Derek Fawcus <dfawcus+lists-perpass@employees.org>
Thread-Topic: [perpass] SMTP and SRV records
Thread-Index: AQHRJvRDZA3I+pSgJ06arJS/w9mHcp6rr0GAgACj1wCAADSkAIAAHXW4gAAGIICAABCGAA==
Date: Wed, 25 Nov 2015 13:28:03 +0000
Message-ID: <7916539D-4001-40AF-8884-6573D1C89ED9@isoc.org>
References: <20151124201103.GA9353@cowbell.employees.org> <5654D5AF.50700@cisco.com> <20151125071128.GA99066@cowbell.employees.org> <6FD77081-7C68-4266-9C26-3443C73F4EFA@trammell.ch> <20151125115248.GA75123@cowbell.employees.org> <5655A3F2.60900@cisco.com> <20151125122713.GC75123@cowbell.employees.org>
In-Reply-To: <20151125122713.GC75123@cowbell.employees.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=wilton@isoc.org;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [94.174.34.240]
x-microsoft-exchange-diagnostics: 1; SN1PR06MB1840; 5:F7KMiNc0VAMGHvwCbNBUnfsuXYiShoctstD2J+lOF9Qgp7FPunukcbRGcnGd2jh3IfM6RzJ/Ue/j5QoFtK5I8NSMRTwh9vLBF8FR/1iCor9JikUtPD7R616l7gJehDs09TeZF/Xa1R3JhII2T1Wpzg==; 24:9xznzkA6T7t++XZG10g+OFOPE6Add96n3saEmVIjhN40F6AJveQRxc+pFS7ek4PKBCKYHr6A872qEzJWD16yzlO82z5Kyko9dL6K/0iYk98=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:SN1PR06MB1840;
x-microsoft-antispam-prvs: <SN1PR06MB1840651AD05BBD6A4B59ABD9BF050@SN1PR06MB1840.namprd06.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(51492898944892);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(520078)(5005006)(8121501046)(3002001)(10201501046); SRVR:SN1PR06MB1840; BCL:0; PCL:0; RULEID:; SRVR:SN1PR06MB1840;
x-forefront-prvs: 0771670921
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(252514010)(199003)(24454002)(189002)(2900100001)(19580405001)(106116001)(97736004)(40100003)(82746002)(99286002)(54356999)(50986999)(189998001)(5002640100001)(2950100001)(33656002)(81156007)(99936001)(76176999)(87936001)(77096005)(93886004)(83716003)(110136002)(10400500002)(122556002)(5001960100002)(105586002)(19580395003)(36756003)(15975445007)(92566002)(102836003)(3846002)(106356001)(586003)(101416001)(5008740100001)(66066001)(86362001)(5004730100002)(5007970100001)(11100500001)(6116002)(104396002); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR06MB1840; H:SN1PR06MB1839.namprd06.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: isoc.org does not designate permitted sender hosts)
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: multipart/signed; boundary="Apple-Mail=_C8C08896-B121-4A56-AABD-B9A837C58247"; protocol="application/pgp-signature"; micalg="pgp-sha256"
MIME-Version: 1.0
X-OriginatorOrg: isoc.org
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Nov 2015 13:28:03.8734 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 89f84dfb-7285-4810-bc4d-8b9b5794554f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR06MB1840
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/2zvPGP8tctk3R6sFek64HBVU3HA>
Cc: perpass <perpass@ietf.org>
Subject: Re: [perpass] SMTP and SRV records
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Nov 2015 13:28:30 -0000

Hi Derek -

Brief comment in-line...

On 25 Nov 2015, at 12:27, Derek Fawcus <dfawcus+lists-perpass@employees.org> wrote:

> On Wed, Nov 25, 2015 at 01:05:06PM +0100, Eliot Lear wrote:
>> Hi,
>> 
>> This smells a lot more like an attempt to inhibit lawful intercept than
>> it does to stop a bad guy spying on email.
> 
> Hardly,  they can still intercept it,  it would just be encrypted.
> 
> There are multiple levels of privacy:
> 
> 1) A communicated with B,  but the nature of the comms is uncharacterised.
> 2) A communicated with B (using email)
> 3) A communicated with B, the email had contents X
> 
> Encryption should defeat 3,  leaving 1 & 2.
> 
> I'm suggesting a way to also defeat 2,  or at least make its recognition
> more difficult.  None of these prevent 1.
> 
> This is an attempt to make bulk interception,  and its offline post facto
> analysis more awkward.  It'll have no effect upon targetted inteception.
> (since there one could see the DNS queries,  and know which were for SMTP).
> 
> But,  if there is not interest in this;  I guess I'll drop it.

Whether or not this functionality ends up in an RFC or implemented, I think it is exactly this level of clarity over “levels of privacy” (and corresponding levels of protection vs levels of interception capability) that we need to be discussing as a community.

I’m sure I’m not the only one who has been depressed by a lot of the public discourse on this topic (present list definitely excepted!), and the lack of clarity/understanding demonstrated by much of it (this being a lamentable case in point: http://www.telegraph.co.uk/technology/12008689/Why-is-Silicon-Valley-helping-the-tech-savvy-jihadists.html ).

I think an important antidote to that is our own clarity about the protective mechanisms that can be applied at the various layers of the protocol stack, and the nature and extent of the protection they each provide.

This is entirely in line with my understanding of RFC7258.


> 
> DF
> 
> _______________________________________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/listinfo/perpass

Robin Wilton
Technical Outreach Director - Identity and Privacy
Internet Society

email: wilton@isoc.org
Phone: +44 705 005 2931
Twitter: @futureidentity

v2.23.0 | Report a Bug | By Email