Re: [perpass] Another mail-related proposal

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sun, 18 August 2013 16:42 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 86F2B21F9B8D for <perpass@ietfa.amsl.com>; Sun, 18 Aug 2013 09:42:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iSaFZ+WxQuHu for <perpass@ietfa.amsl.com>; Sun, 18 Aug 2013 09:42:09 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id 901EF21F9A15 for <perpass@ietf.org>; Sun, 18 Aug 2013 09:42:09 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 65596BE39; Sun, 18 Aug 2013 17:42:06 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HCbq88y0SImP; Sun, 18 Aug 2013 17:42:05 +0100 (IST)
Received: from [10.128.56.104] (unknown [88.128.80.10]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 5E758BE33; Sun, 18 Aug 2013 17:42:05 +0100 (IST)
Message-ID: <5210F95D.4060008@cs.tcd.ie>
Date: Sun, 18 Aug 2013 17:42:05 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130803 Thunderbird/17.0.8
MIME-Version: 1.0
To: Jim Fenton <fenton@bluepopcorn.net>
References: <520FE08B.80005@bluepopcorn.net> <alpine.LFD.2.10.1308171723400.14413@bofh.nohats.ca> <5210643F.8030709@bluepopcorn.net> <m2bo4vcuup.wl%randy@psg.com> <5210F771.9090600@bluepopcorn.net>
In-Reply-To: <5210F771.9090600@bluepopcorn.net>
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: Randy Bush <randy@psg.com>, perpass@ietf.org
Subject: Re: [perpass] Another mail-related proposal
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The perpass list is for discussion of the privacy properties of IETF protocols and concrete ways in which those could be improved. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Aug 2013 16:42:15 -0000

Just on this particular attack:

On 08/18/2013 05:33 PM, Jim Fenton wrote:
> Here's a possible attack: someone sends you a message in the clear
> falsely quoting you as conspiring criminally with them or some third
> party. 

I think that's maybe on the boundaries of the scope here.
Even if the sender and recipient both think the message
is innocuous, the monitoring folks might not, so I'm not
sure that specific malicious content like that is what we
ought be worrying about in this context.

Put another way, that's an attack that's enabled by
monitoring, since if the monitoring wasn't likely or easy,
the attacker probably wouldn't try this method.

S.