Re: [perpass] Getting started...

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sat, 17 August 2013 10:37 UTC

Hi Randy,

On 08/17/2013 11:18 AM, Randy Bush wrote:
>> I hope so. We had some good discussions in Berlin at any rate and my
>> hope is that at least the people involved in that will chime in.  But
>> I guess we'll see when we see.
> 
> ok, ok.
> 
> imiho, there are a vast number of areas we can improve.  as you point
> out, a privacy version of jeff's danvers rfc is one start.  another is
> just painting privacy by default on the walls at home.  
> 
> i know bgp payload does not excite a lot of folk, but encrypting it
> makes ip space traceability just that much harder.  and opportunistic
> encryption would be trivial to negotiate in the bgp open.  and i am
> looking at bgpsec doing payload encryption.

I think that's a great example of the kind of non-obvious changes
that could be useful and doable. I'd welcome more... and since we're
just starting out, making a list of those would maybe be a useful
thing so it'd be great to get suggestions for putting on that list...

> i would love it if my email client ( well, normal email clients :-)
> automagically encrypted to the recipients for whom i have a public key.
> maybe the folk way up there at layer seven can come up with an even
> better idea.

My own fav. would be to actually encrypt the entire message, incl.
sensitive header fields (e.g. To: From: Subject:) - without that PGP
and S/MIME seem to still expose too much to the pervasive monitor.

> i could drivel on.  but there are a lot of folk far smarter at this
> stuff than i.
> 
> oh, and can we try to take the constructive road, not the negative
> games?  my .procmailrc is too long already.

Hope so. But in this case I'm more confident than elsewhere, for this
list. (That is, until we turn up on some wg's list with our great plan
for fixing their stuff. Things might get more challenging then, but
there's fun in that too:-)

S.

> 
> randy
> 
>