Re: [perpass] Fwd: New Version Notification for draft-barnes-pervasive-problem-00.txt

Richard Barnes <rlb@ipv.sx> Tue, 07 January 2014 03:42 UTC

Date: Mon, 06 Jan 2014 22:41:45 -0500
Message-ID: <CAL02cgQK4yi_d1RVoAbX=B3Te3PLUK5kmewj+heg-=nMS2m4cQ@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: Watson Ladd <watsonbladd@gmail.com>
Cc: perpass <perpass@ietf.org>
Subject: Re: [perpass] Fwd: New Version Notification for draft-barnes-pervasive-problem-00.txt

On Mon, Jan 6, 2014 at 10:08 PM, Watson Ladd <watsonbladd@gmail.com> wrote:

> On Mon, Jan 6, 2014 at 6:24 PM, Richard Barnes <rlb@ipv.sx> wrote:
> > Dear PERPASS,
> >
> > Stephen asked me to take a stab at a problem statement for PERPASS.  With
> > some help from Bruce, Cullen, and Ted, the results have just been
> > published as draft-barnes-pervasive-problem-00.
> >
> > In general, this draft tries to outline at a technical level what we
> > mean by pervasive attack, and what the high level mitigations are.
> >
> > Comments welcome!
>
> Minor quibble:
> Intermediate nodes can also be active attackers, e.g. an ISP could
> insert fake email for its customers.
>

Clearly, anyone on-path can be an active attacker.  And, as some of the
TOR-related revelations show, some off-path entities as well.

> At a higher level this draft feels overly removed from the real
> problem: users' assumptions about what is public on the Internet have
> frequently been violated, even when technical measures to address these
> issues exist. This gets mentioned in passing, but should be front and
> centre.
>

That seems like it might be a better topic for
draft-farrell-perpass-attack.  We're trying to stick to technical things in
this draft, so "user assumptions" are kind of out of scope.

> The NSA is not the only organisation doing this: Saudi Arabia, the UK,
> China, Ethiopia, France all have major monitoring systems in place that
> can only work because of how weak the core protocols of the internet are
> against manipulation. (And let's not forget the Pakistani ISP that
> accidentally knocked YouTube offline)
>

Indeed.  We cite the Great Firewall as an example.

(And technically, that Pakistani ISP didn't accidentally knock YouTube
offline; the only accident was knocking YouTube offline *outside* *of*
*Pakistan*.)

> Also, BGP tricks mean that anyone can be local.
>

s/local/on-path/

> The point should be very simple: no more cleartext, authenticate
> everything, limit authority, and produce an audit trail for when
> things go wrong.
>

That seems like a concise statement of the mitigations discussed in
Section 5.
<http://tools.ietf.org/html/draft-barnes-pervasive-problem-00#section-5>

We can try to make that message clearer in future versions, though.

Thanks,
--Richard

> Now let's see if we can do more about it than the CRYPTO '13 rump
> session accomplished.[1]
> Sincerely,
> Watson Ladd
> [1] For those who are unfamiliar:
> http://www.youtube.com/watch?v=cVUIk6nXVcw is the best statement of
> the issue and the solution.
> >
> > Thanks,
> > --Richard
> >
> > ---------- Forwarded message ----------
> > From: <internet-drafts@ietf.org>
> > Date: Mon, Jan 6, 2014 at 9:17 PM
> > Subject: New Version Notification for draft-barnes-pervasive-problem-00.txt
> > To: Cullen Jennings <fluffy@cisco.com>, Ted Hardie <ted.ietf@gmail.com>,
> > Bruce Schneier <schneier@schneier.com>, Richard Barnes <rlb@ipv.sx>
> >
> > A new version of I-D, draft-barnes-pervasive-problem-00.txt
> > has been successfully submitted by Richard Barnes and posted to the
> > IETF repository.
> >
> > Name:           draft-barnes-pervasive-problem
> > Revision:       00
> > Title:          Pervasive Attack: A Threat Model and Problem Statement
> > Document date:  2014-01-06
> > Group:          Individual Submission
> > Pages:          23
> > URL:            http://www.ietf.org/internet-drafts/draft-barnes-pervasive-problem-00.txt
> > Status:         https://datatracker.ietf.org/doc/draft-barnes-pervasive-problem/
> > Htmlized:       http://tools.ietf.org/html/draft-barnes-pervasive-problem-00
> >
> >
> > Abstract:
> >    Documents published in 2013 have revealed several classes of
> >    "pervasive" attack on Internet communications.  In this document, we
> >    review the main attacks that have been published, and develop a
> >    threat model that describes these pervasive attacks.  Based on this
> >    threat model, we discuss the techniques that can be employed in
> >    Internet protocol design to increase the protocols' robustness to
> >    pervasive attacks.
> >
> >
> > Please note that it may take a couple of minutes from the time of
> > submission until the htmlized version and diff are available at
> > tools.ietf.org.
> >
> > The IETF Secretariat
> >
> >
>
> --
> "Those who would give up Essential Liberty to purchase a little
> Temporary Safety deserve neither Liberty nor Safety."
> -- Benjamin Franklin
>