Re: [perpass] Getting started...
Ben Laurie <benl@google.com> Sat, 17 August 2013 12:04 UTC
Return-Path: <benl@google.com>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 058BC11E8103 for <perpass@ietfa.amsl.com>; Sat, 17 Aug 2013 05:04:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.177
X-Spam-Level:
X-Spam-Status: No, score=-1.177 tagged_above=-999 required=5 tests=[AWL=0.800, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p3Iooa4DGsx4 for <perpass@ietfa.amsl.com>; Sat, 17 Aug 2013 05:04:26 -0700 (PDT)
Received: from mail-qe0-x231.google.com (mail-qe0-x231.google.com [IPv6:2607:f8b0:400d:c02::231]) by ietfa.amsl.com (Postfix) with ESMTP id DF35911E80F6 for <perpass@ietf.org>; Sat, 17 Aug 2013 05:04:25 -0700 (PDT)
Received: by mail-qe0-f49.google.com with SMTP id 1so1721390qec.22 for <perpass@ietf.org>; Sat, 17 Aug 2013 05:04:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=/E/sA7gW8Q64xOYhgvob/GPlO/DV2h73Xr1ovMRuHvU=; b=JaQHon0HfL5XRfuqSDIX3GOvu28r5zf6DD8aeQI5ssfSqHZyhl/lxxLmZvg7QDVaZi roe8SRpQHV3I48HnQMVIfagTCZ/Hv6p2QirFd4RF0fBgvR5CAP+pqnopqaUhv3gnSrTe OhESmlcv23tAjC0/D021kiFuPpW8bvCvUstMRVmXm5AKxPHOuwaJBsfsjANED3AY/8e8 sy7w6T0ziFCaTTyLyyBeq39I7bnVwX3C7DooDee24bSnbmtOBerywvQTFTkCWyawOrTl TWmOSCmiFFvdStFohR8/zFtRNLzfFgTJ2BuqkwSttSRbuRwpY08evpVH7MuIYaQMA5mx 1hZw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=/E/sA7gW8Q64xOYhgvob/GPlO/DV2h73Xr1ovMRuHvU=; b=gmXuZd0Xx49dWS4kVfLwT4TQQA4IlDZbEGgrrT5bNMNrnbmHFCfRQCnuekmTRYT2Ky n2Lha72zFB2AaDo4n87+4MrmtWXXx57iA+eQlu2qcwlOrz/XzlXyh9+Rw5M2aQlI2trj G/E+kb72CvNZfPn6mnTPG3LGnmZxsgSeDof5Klta50YlSC9F6T9UwHMV/kUowmuGCRsA 5trO67CrzQxq2bpYDnsOBMH8NqZd02Q/WWBrI3UcrdokmM4J5qjI/Q1MldFDmmJ6s+ox HmES+W0ydSZiVY8JFm3anQo7CGhqekcx3podZTLRwzBHyQcspG9Pyv0C5CDJBs2E3vmI WOZA==
X-Gm-Message-State: ALoCoQnKbisremJIgJeCCEkJtuvjCMIt+Ay3de/0zuH02QQd9TbzWsBnOaE0lcu+NHYJ5r50giRt60bcGInu1HwM6Q0aH4kTGRUdofc5WuCAJ4BGaeE8uP0isGGf+6Ze3ZefC/n+Nxd7KEdTqBk/WeUM9YkXAR14uk/XBFGCzhGp/7wFpjaXerLy7FAAtTlhEs27bdVprPac
MIME-Version: 1.0
X-Received: by 10.49.13.131 with SMTP id h3mr2930743qec.3.1376741065311; Sat, 17 Aug 2013 05:04:25 -0700 (PDT)
Received: by 10.229.169.196 with HTTP; Sat, 17 Aug 2013 05:04:24 -0700 (PDT)
In-Reply-To: <520F6405.6010102@cs.tcd.ie>
References: <520E5684.1090005@cs.tcd.ie> <CABrd9SS6txRujNLbLqscKncK+Q=9YLPzX_3-sNuLP56VFMBLiw@mail.gmail.com> <520F6405.6010102@cs.tcd.ie>
Date: Sat, 17 Aug 2013 08:04:24 -0400
Message-ID: <CABrd9SR-+ypxEOwrOgQEyUK6FcguoKmg_P++xKm5tWvUAsTV2w@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Content-Type: multipart/alternative; boundary="047d7b6773b0257b2b04e423826a"
Cc: perpass@ietf.org
Subject: Re: [perpass] Getting started...
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The perpass list is for discussion of the privacy properties of IETF protocols and concrete ways in which those could be improved. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Aug 2013 12:04:27 -0000
On 17 August 2013 07:52, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: > > Hi Ben, > > On 08/17/2013 12:37 PM, Ben Laurie wrote: > > On 16 August 2013 12:42, Stephen Farrell <stephen.farrell@cs.tcd.ie> > wrote: > > > >> what should we be doing? > > > > > > Certificate Transparency is an anti-monitoring tool, amongst other useful > > properties. > > Yep. Its a fine tool but more I guess directed at countering > an active attacker who spoofs as a web site and then monitors > or snarfs passwords or whatever. > > > The more generalised idea of a public, verifiable log of stuff is > probably > > useful in other ways, too. > > > > For example, DNSSEC Transparency (OK, hardly much different from CT). > > > > Someone mentioned default encrypting emails: sparse Merkle trees are an > > efficient data structure for making a verifiable map of email addresses > to > > public keys... > > neat idea... maybe. > > However, that and other foo-transparency ideas also require > clients to ask the log about stuff, in a way that the log > can.... log. > So, Private Information Retrieval is a way around this issue. I don't know much about it, yet, but I'm told its fairly expensive. But I think not too expensive for this kind of operation. As it happens, I am planning to do some work with Ian Goldberg on the subject, and so will have more to say about it in a while. Also, it may be that simply retrieving the whole log is feasible. We're not talking about vast amounts of data. > > For CT, thats ok since the web site itself (or its > auditors) can contact the CT log, but I wonder if that'd > become a problem for other foo-transparency applications, > e.g. how could an MUA query a log of public keys without > exposing the meta-data that I'm sending you an encrypted > message? > I would observe that you already reveal that, unless you come up with some entirely novel way of delivering email. I am not suggesting that this means the problem should not be solved, but it seems that encrypting the payload routinely moves the needle a fair amount - enough to be worth doing while we figure out the whole thing. > > > Yes, I have a hammer and I am looking for nails. > > :-) > > S. > > > > > > > > > _______________________________________________ > > perpass mailing list > > perpass@ietf.org > > https://www.ietf.org/mailman/listinfo/perpass > > >
- [perpass] Getting started... Stephen Farrell
- Re: [perpass] Getting started... SM
- Re: [perpass] Getting started... Stephen Farrell
- Re: [perpass] Getting started... Brian Trammell
- Re: [perpass] Getting started... Randy Bush
- Re: [perpass] Getting started... Stephen Farrell
- Re: [perpass] Getting started... Stephen Farrell
- Re: [perpass] Getting started... Ben Laurie
- Re: [perpass] Getting started... Ben Laurie
- Re: [perpass] Getting started... Stephen Farrell
- Re: [perpass] Getting started... Ben Laurie
- Re: [perpass] Getting started... Russ White
- [perpass] mail tracking (was; Re: Getting started… Stephen Farrell
- Re: [perpass] Getting started... Randy Bush
- Re: [perpass] mail tracking (was; Re: Getting sta… Randy Bush
- Re: [perpass] mail tracking (was; Re: Getting sta… Ben Laurie
- Re: [perpass] Getting started... Paul Wouters
- Re: [perpass] Getting started... Dave Crocker
- Re: [perpass] Getting started... Paul Wouters
- Re: [perpass] Getting started... SM