Re: [perpass] perens-perpass-appropriate-response-01

Robin Wilton <wilton@isoc.org> Mon, 09 December 2013 08:38 UTC

Return-Path: <wilton@isoc.org>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E88A81AE0CE for <perpass@ietfa.amsl.com>; Mon, 9 Dec 2013 00:38:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LCjk1_a1OFS7 for <perpass@ietfa.amsl.com>; Mon, 9 Dec 2013 00:38:28 -0800 (PST)
Received: from smtp78.iad3a.emailsrvr.com (smtp78.iad3a.emailsrvr.com [173.203.187.78]) by ietfa.amsl.com (Postfix) with ESMTP id C197F1AE0F9 for <perpass@ietf.org>; Mon, 9 Dec 2013 00:38:27 -0800 (PST)
Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp26.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id 0C7563380BC; Mon, 9 Dec 2013 03:38:23 -0500 (EST)
X-Virus-Scanned: OK
Received: by smtp26.relay.iad3a.emailsrvr.com (Authenticated sender: wilton-AT-isoc.org) with ESMTPSA id 7F0D33380B3; Mon, 9 Dec 2013 03:38:22 -0500 (EST)
Mime-Version: 1.0 (Apple Message framework v1283)
Content-Type: multipart/signed; boundary="Apple-Mail=_CC0D4B9A-0E66-4E21-89B3-61E26F2BFBA7"; protocol="application/pkcs7-signature"; micalg=sha1
From: Robin Wilton <wilton@isoc.org>
In-Reply-To: <52A50DAC.7040601@panix.com>
Date: Mon, 9 Dec 2013 09:38:11 +0100
Message-Id: <AC04E3F8-60AF-4AE8-9640-B5C81833D4AF@isoc.org>
References: <E2DA1477-C86E-441E-A33D-D47A0D67AFF3@iab.org> <529E8494.7000806@perens.com> <20131204111309.GB11727@nic.fr> <529F61D8.6030105@perens.com> <20131204171207.GC19914@thunk.org> <529F63C0.3040804@perens.com> <529F88AC.3090904@appelbaum.net> <529F90A0.8000706@perens.com> <529F9205.30906@appelbaum.net> <529F98C0.9090808@perens.com> <529F9F14.8050805@appelbaum.net> <529FB61A.7090604@perens.com> <529FBEF9.7030205@appelbaum.net> <529FC347.3080806@perens.com> <52A15835.2070901@cis-india.org> <52A21B80.8070005@mykolab.com> <52A21D1C.8020000@perens.com> <BC888A6F-F048-4BA6-92F4-8812753F8534@icsi.berkeley.edu> <52A2235A.2030801@perens.com> <ADD6858C-7548-479E-BB71-316E9C52F812@icsi.berkeley.edu> <c97f3134-eedf-44e1-880c-147efb172fc6@email.android.com> <240A2D86-C352-4954-BE4E-6313BA25994E@icsi.berkeley.edu> <52A2CE6A.30408@perens.com> <52A31F1D.7040509@cs.tcd.ie> <5D026682-5457-4F00-B139-58D8D718BB0A@icsi.berkeley.edu> <454F08BE-5C79-408B-B356-6D895C9B1CC3@isoc.org> <52A50DAC. 7040601@panix.com>
To: Albert Lunde <atlunde@panix.com>
X-Mailer: Apple Mail (2.1283)
Cc: "perpass@ietf.org" <perpass@ietf.org>
Subject: Re: [perpass] perens-perpass-appropriate-response-01
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Dec 2013 08:38:30 -0000

Thanks Albert - 

Right... but I'm not excluding cases where micropayment systems are subjected to automated attack; I'm suggesting that that would represent 'abnormal' levels of disputed payment. I was considering integrity protection (MAC/signing) in the context of disputed micropayments at 'normal' (i.e. personal, non-automated) volumes. 
I think the countermeasures for that threat model differ from the countermeasures for automated attack.

I hope this helps clarify the point I was trying to make.

R

Robin Wilton
Technical Outreach Director - Identity and Privacy
Internet Society

email: wilton@isoc.org
Phone: +44 705 005 2931
Twitter: @futureidentity




On 9 Dec 2013, at 01:24, Albert Lunde wrote:

> On 12/8/2013 1:59 PM, Robin Wilton wrote:
>> Nick,
>> >
>> I agree that there is a cost threshold for signature/MAC. It is
>> something I uncovered in my PKI research: for PKI-enabled micropayments
>> it is, arguably, not worth signing the public key involved, if the
>> number of disputed payments is at normal levels... because normal
>> levels, for most micropayment applications, are low. It's more
>> cost-effective to simply refund the tiny minority of disputed payments.
> 
> It seems like a threat model that assumes the sole risk is disputed payments "at the normal rate" is broken in the presence of automated attacks.
> 
> I don't think the NSA is the only bad actor, in the short term, for-profit criminal groups seem more likely to do active or tailored attacks.  This can result in bursts of fraud and/or malware affecting particular clients or sites disproportionately.
> 
> _______________________________________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/listinfo/perpass