Re: [perpass] Traffic peeking
"Learmonth, Iain Ross" <iain.learmonth.09@aberdeen.ac.uk> Sun, 24 November 2013 22:37 UTC
Return-Path: <iain.learmonth.09@aberdeen.ac.uk>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3B251AE1B3 for <perpass@ietfa.amsl.com>; Sun, 24 Nov 2013 14:37:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wAe4JmuTp0Mk for <perpass@ietfa.amsl.com>; Sun, 24 Nov 2013 14:37:27 -0800 (PST)
Received: from emea01-am1-obe.outbound.protection.outlook.com (mail-am1lp0014.outbound.protection.outlook.com [213.199.154.14]) by ietfa.amsl.com (Postfix) with ESMTP id A45A81AE2E2 for <perpass@ietf.org>; Sun, 24 Nov 2013 14:37:26 -0800 (PST)
Received: from AMSPR01MB149.eurprd01.prod.exchangelabs.com (10.242.92.15) by AMSPR01MB150.eurprd01.prod.exchangelabs.com (10.242.92.20) with Microsoft SMTP Server (TLS) id 15.0.820.5; Sun, 24 Nov 2013 22:37:18 +0000
Received: from AMSPR01MB149.eurprd01.prod.exchangelabs.com ([169.254.6.237]) by AMSPR01MB149.eurprd01.prod.exchangelabs.com ([169.254.6.237]) with mapi id 15.00.0820.005; Sun, 24 Nov 2013 22:37:17 +0000
From: "Learmonth, Iain Ross" <iain.learmonth.09@aberdeen.ac.uk>
To: S Moonesamy <sm+ietf@elandsys.com>
Thread-Topic: [perpass] Traffic peeking
Thread-Index: AQHO6VQmhaJr2E88t0GA/BjPpT0YvJo09HPp
Date: Sun, 24 Nov 2013 22:37:16 +0000
Message-ID: <5e7d0e55fc83418aa2a9fbd86b0a9b5f@DB3PR01MB153.eurprd01.prod.exchangelabs.com>
References: <6.2.5.6.2.20131124121510.0aa47e40@elandnews.com>
In-Reply-To: <6.2.5.6.2.20131124121510.0aa47e40@elandnews.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [84.92.41.201]
x-forefront-prvs: 0040126723
x-forefront-antispam-report: SFV:NSPM; SFS:(189002)(199002)(83072001)(80022001)(81686001)(74706001)(81342001)(53806001)(74876001)(4396001)(79102001)(87936001)(87266001)(66066001)(65816001)(47736001)(69226001)(2656002)(56816003)(46102001)(49866001)(15975445006)(50986001)(47976001)(81816001)(77096001)(76786001)(76796001)(15202345003)(76482001)(51856001)(54356001)(77982001)(59766001)(80976001)(33646001)(74482001)(83322001)(19580395003)(47446002)(74502001)(85306002)(74316001)(81542001)(74366001)(63696002)(56776001)(19580405001)(54316002)(31966008)(74662001)(24736002); DIR:OUT; SFP:; SCL:1; SRVR:AMSPR01MB150; H:AMSPR01MB149.eurprd01.prod.exchangelabs.com; CLIP:84.92.41.201; FPR:; RD:InfoNoRecords; MX:1; A:1; LANG:en;
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: aberdeen.ac.uk
Cc: perpass <perpass@ietf.org>
Subject: Re: [perpass] Traffic peeking
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Nov 2013 22:37:29 -0000
> In 2007, Dan Shumow and Niels Ferguson discussed about the > possibility of a backdoor in a Dual Elliptic Curve pseudorandom > number generator [Rump]. I'm not sure how this paragraph is relevant to the rest of the draft. You only discuss the use of encryption, not particular schemes. > Entities exchanging traffic over the Internet should assume that any > traffic which is not encrypted will be intercepted given that peeking > is irresistible. This should probably be re-worded to be something like "any traffic which is not encrypted should be assumed to be compromised". Let's be honest, they're not capturing and storing every single bit of traffic, they definitely don't have the capacity for that. > The Hypertext Transfer Protocol (HTTP) [RFC2616] is widely used to > access the web. The protocol is sometimes used to provide web access > to email. Section 15 of RFC 2616 [RFC2616] does not provide any > guidance about encrypting the traffic generated by the protocol. This is currently being discussed by httpbis[1] and any discussion related to the use of encryption with HTTP should be had there. The other protocols will be discussed by the new uta (Using TLS in Applications) working group[2]. Other bits in general, there's a lot of talking about state sponsered surveillence, but there are other problems too. Botnets with nodes operating behind firewalls can sniff the wires, rouge sysadmins, anyone who can poison BGP tables, etc. Encryption is also only half the solution, the other half is authentication as if you're sending your data encrypted straight to the NSA while they MitM you, you've solved nothing. Given that one of the stated tasks for the uta working group is: "- Specify a set of best practices for TLS clients and servers, including but not limited to recommended versions of TLS, using forward secrecy, and one or more ciphersuites and extensions that are mandatory to implement." I believe that this draft would be more suited to be being discussed there. Iain. [1]: http://datatracker.ietf.org/wg/httpbis/charter/ [2]: http://datatracker.ietf.org/wg/uta/charter/ -- Iain R. Learmonth MBCS Electronics Research Group School of Engineering University of Aberdeen Kings College Aberdeen AB24 3UE Tel: +44 1224 27 2799 The University of Aberdeen is a charity registered in Scotland No.SCO13683 ________________________________________ From: perpass <perpass-bounces@ietf.org> on behalf of S Moonesamy <sm+ietf@elandsys.com> Sent: 24 November 2013 20:29 To: perpass@ietf.org Subject: [perpass] Traffic peeking Hello, I posted a draft about traffic peeking [1]. Comments are welcome. Regards, S. Moonesamy 1. http://tools.ietf.org/html/draft-moonesamy-traffic-peeking-00 _______________________________________________ perpass mailing list perpass@ietf.org https://www.ietf.org/mailman/listinfo/perpass
- [perpass] Traffic peeking S Moonesamy
- Re: [perpass] Traffic peeking Learmonth, Iain Ross
- Re: [perpass] Traffic peeking S Moonesamy
- [perpass] UTA charter (was: Re: Traffic peeking) Stephen Farrell
- Re: [perpass] Traffic peeking S Moonesamy