Re: [perpass] Getting started...

Ben Laurie <benl@google.com> Sat, 17 August 2013 11:31 UTC

In-Reply-To: <m27gfkfwmm.wl%randy@psg.com>
References: <520E5684.1090005@cs.tcd.ie> <6.2.5.6.2.20130816171144.0c01f738@resistor.net> <520F4AE1.5040403@cs.tcd.ie> <m27gfkfwmm.wl%randy@psg.com>
Date: Sat, 17 Aug 2013 07:31:20 -0400
Message-ID: <CABrd9SRd-+evdaA18KCBGqu68KLpPkP_i2eqd2d4t==fmE037A@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: Randy Bush <randy@psg.com>
Cc: perpass@ietf.org, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [perpass] Getting started...

On 17 August 2013 06:18, Randy Bush <randy@psg.com> wrote:

>
> i know bgp payload does not excite a lot of folk, but encrypting it
> makes ip space traceability just that much harder.  and opportunistic
> encryption would be trivial to negotiate in the bgp open.  and i am
> looking at bgpsec doing payload encryption.


What? Surely:

a) The results of BGP are manifestly observable, regardless of whether you
can see the payload or not, and

b) The decrypted payload is necessarily visible to pretty much anyone who
wants to see it (otherwise debugging routing problems is impossible)

I feel like I must be missing something.