Re: [perpass] Commnets on draft-farrell-perpass-attack-00 was RE: perens-perpass-appropriate-response-01

Stephane Bortzmeyer <bortzmeyer@nic.fr> Thu, 05 December 2013 09:41 UTC


On Wed, Dec 04, 2013 at 09:18:52PM -0800,
 Bruce Perens <bruce@perens.com> wrote 
 a message of 27 lines which said:

> I don't think we can say for sure that TLS is any hurdle to NSA's
> mass surveillance program at all.

Besides obvious remarks (secret agencies are secret), what is the
consequence to draw from this observation? That we should not use TLS
because it is possible that NSA has successfully attacked it? If so,
that would be a poor decision. First, there are other attackers, which
do not have the same resources as the NSA. Second, even the NSA cannot
break the law of physics (testing 2^256 possibilities takes a lot of
time, even when you have money). Third, since we don't know, it seems
to me the reasonable thing to do would be to protect ourselves, just
in case.

[Insert here paranoid remarks about the NSA spreading the rumor that
it can break TLS so people won't encrypt and therefore the NSA will
not have to break TLS.]