Re: [perpass] Howdy!

Randy Bush <randy@psg.com> Fri, 13 September 2013 17:49 UTC

Date: Fri, 13 Sep 2013 07:49:16 -1000
From: Randy Bush <randy@psg.com>
To: Jacob Appelbaum <jacob@appelbaum.net>
Cc: perpass <perpass@ietf.org>, Theodore Ts'o <tytso@mit.edu>

>> Of course, there will be some things where encryption is simply not
>> needed, but data integrity is needed.  Example: time (NTP) and
>> routing protocols.  So we need to be careful how we specify MUST.
>> :-)
> I think this is a reasonable read but I'd like to encourage dissent
> here. Time is a very important part of almost all cryptographic
> protocols

i might go further.  having some protocols in the clear allows the
attacker to better focus their efforts on what is encrypted.  also,
though some data themselves might not require privacy, the nature of
the conversation may facilitate traffic analysis.

randy