Re: [perpass] perens-perpass-appropriate-response-01

Bruce Perens <bruce@perens.com> Wed, 04 December 2013 17:22 UTC

Return-Path: <bruce@perens.com>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2EE831AE314 for <perpass@ietfa.amsl.com>; Wed, 4 Dec 2013 09:22:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.177
X-Spam-Level:
X-Spam-Status: No, score=-1.177 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.723, RP_MATCHES_RCVD=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z_xsTR1qr1OH for <perpass@ietfa.amsl.com>; Wed, 4 Dec 2013 09:22:55 -0800 (PST)
Received: from alchemy.perens.com (alchemy.perens.com [206.221.219.26]) by ietfa.amsl.com (Postfix) with ESMTP id 87F341A802B for <perpass@ietf.org>; Wed, 4 Dec 2013 09:22:55 -0800 (PST)
Received: from [192.168.18.131] (mail.a10networks.com [12.207.16.167]) by alchemy.perens.com (Postfix) with ESMTPSA id 8280050008A; Wed, 4 Dec 2013 09:22:52 -0800 (PST)
Message-ID: <529F64F1.1090802@perens.com>
Date: Wed, 04 Dec 2013 09:22:57 -0800
From: Bruce Perens <bruce@perens.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20131103 Icedove/17.0.10
MIME-Version: 1.0
To: Nicholas Weaver <nweaver@icsi.berkeley.edu>
References: <E2DA1477-C86E-441E-A33D-D47A0D67AFF3@iab.org> <EF9BD1E4-6EF3-4035-AC4E-1A2D3CADE615@mnot.net> <529E8494.7000806@perens.com> <20131204111309.GB11727@nic.fr> <529F61D8.6030105@perens.com> <20131204171207.GC19914@thunk.org> <529F63C0.3040804@perens.com> <5A5B778C-1E8D-49BA-9AB9-8A5C5C9E46F0@icsi.berkeley.edu>
In-Reply-To: <5A5B778C-1E8D-49BA-9AB9-8A5C5C9E46F0@icsi.berkeley.edu>
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: Stephane Bortzmeyer <bortzmeyer@nic.fr>, perpass@ietf.org, Theodore Ts'o <tytso@mit.edu>
Subject: Re: [perpass] perens-perpass-appropriate-response-01
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Dec 2013 17:22:56 -0000

On 12/04/2013 09:19 AM, Nicholas Weaver wrote:
All it takes is ONE unencrypted web request across a hostile network for that hostile network to be used to attack the browser.
And that is one way in to the browser out of many.

    Thanks

    Bruce