IETF Logo Mail Archive

Re: [perpass] TLS discussion

Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 18 November 2013 14:29 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D101811E8231 for <perpass@ietfa.amsl.com>; Mon, 18 Nov 2013 06:29:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rpn1rKp4P69O for <perpass@ietfa.amsl.com>; Mon, 18 Nov 2013 06:29:16 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id 3766E11E818D for <perpass@ietf.org>; Mon, 18 Nov 2013 06:26:52 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 60EE3BE50; Mon, 18 Nov 2013 14:26:50 +0000 (GMT)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oHg3sRYCMi2Z; Mon, 18 Nov 2013 14:26:50 +0000 (GMT)
Received: from [134.226.36.180] (stephen-think.dsg.cs.tcd.ie [134.226.36.180]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 3D0FABE4C; Mon, 18 Nov 2013 14:26:50 +0000 (GMT)
Message-ID: <528A23AA.6070806@cs.tcd.ie>
Date: Mon, 18 Nov 2013 14:26:50 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0
MIME-Version: 1.0
To: Phillip Hallam-Baker <hallam@gmail.com>
References: <CAMm+Lwg-AF9fZ5=f5W8JDmiCe=U7Uyxso_bdHGaQhddsQ+aGaw@mail.gmail.com> <5288E344.1020008@cs.tcd.ie> <7801df6558344b67a684933d4776e294@DB3PR01MB153.eurprd01.prod.exchangelabs.com> <5289FE29.2040804@cs.tcd.ie> <CAMm+LwgarxQbygQD=MSaTjjsaO=g1_0v9V=A=CMORVybsiPKAQ@mail.gmail.com>
In-Reply-To: <CAMm+LwgarxQbygQD=MSaTjjsaO=g1_0v9V=A=CMORVybsiPKAQ@mail.gmail.com>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: perpass <perpass@ietf.org>, "Learmonth, Iain Ross" <iain.learmonth.09@aberdeen.ac.uk>
Subject: Re: [perpass] TLS discussion
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Nov 2013 14:29:26 -0000

On 11/18/2013 12:49 PM, Phillip Hallam-Baker wrote:
> 
> Its a lot more than 100 a day. There are close to 100 in a thread you
> started last night. And that is the weekend.

Yep. That's why I'd rather we not re-do all that here too.

> 
> All the chatter about confidentiality and nobody is interested in fixing
> the massive hole in the use of cookies for authentication. And they can't
> even see the connection between the two.

That is interesting yes. Yoav mentioned it too and invited
folks to look at the work that's not (yet) gotten traction
on that in websec.

S.

v2.23.0 | Report a Bug | By Email