Re: [perpass] Violating end-to-end principle: I-D Action: draft-farrelll-mpls-opportunistic-encrypt-00.txt
Phillip Hallam-Baker <hallam@gmail.com> Thu, 16 January 2014 22:19 UTC
In-Reply-To: <20140116192320.GD32098@thunk.org>
References: <04c001cf1123$7e5c00c0$7b140240$@olddog.co.uk> <CAMm+Lwj0r3PNoBC0Y1ydibD3piioZ57Z1Ks-Ea6o58xahjXKwQ@mail.gmail.com> <20140116192320.GD32098@thunk.org>
Date: Thu, 16 Jan 2014 17:19:32 -0500
Message-ID: <CAMm+Lwh9306PBjUR7iSUqQYEZNNQswxLZ92ri3D3fOpmWe8SzQ@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Theodore Ts'o <tytso@mit.edu>
Cc: Adrian Farrel <adrian@olddog.co.uk>, perpass <perpass@ietf.org>, Stephen Kent <kent@bbn.com>
On Thu, Jan 16, 2014 at 2:23 PM, Theodore Ts'o <tytso@mit.edu> wrote:

> On Thu, Jan 16, 2014 at 09:57:07AM -0500, Phillip Hallam-Baker wrote:
> > End to end ideology in security is particularly harmful because there are
> > some security controls that are simply not compatible with end-to-end
> > approaches. You cannot protect against traffic or meta-data analysis
> > end-to-end.
>
> That may be true, but the alternative of edge-to-edge security is even
> worse. Edge-to-edge security also doesn't protect against traffic or
> meta-data analysis, and upon receipt of a National Security Letter to
> your IMAP provider, doesn't protect the contents of your e-mail,
> either.
>
> So I don't see how claiming that striving for end-to-end security is
> "harmful".

Arguing for end to end security to the exclusion of transport models is harmful.

Looking at NSLs as the attack paradigm is unwise as we don't currently have any IETF countermeasure. Not PGP, not S/MIME, not STARTTLS. You are free to propose one but it certainly won't be an end to end security solution because the internet infrastructure that is routing packets and messages needs to know the direction to send them in.

PGP and S/MIME are both unable to protect meta-data against an attacker with intercept capability. STARTTLS is unable to protect content against attack by a corrupt system administrator.

To have comprehensive security we need both the End 2 End security to protect the data at rest and the transport layer security to protect the metadata in motion.

--
Website: http://hallambaker.com/
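The layering argument in the message above (end-to-end encryption hides the content but leaves the headers a relay routes on in the clear; transport encryption hides everything from an on-path observer but not from the administrator of the server that terminates it) as an added Python model; this is not code from the original post. Addresses, subject, body and keys are constructed placeholders, and the cipher is a toy HMAC keystream standing in for S/MIME, PGP and TLS so that the model runs offline on the standard library alone.

```python
"""Which observer can read what, under end-to-end vs transport protection.

Added illustration for the thread above; not code from the original post.
The cipher is a constructed stand-in (HMAC-SHA256 keystream XOR) so the
model runs offline with the standard library only; it is not S/MIME,
PGP or TLS and must not be used as one.
"""
import hashlib
import hmac
from email.message import EmailMessage
from email.parser import BytesParser
from email.policy import default

# Constructed sample message (placeholder addresses and keys).
SAMPLE_FROM = "alice@example.org"
SAMPLE_TO = "bob@example.net"
SAMPLE_SUBJECT = "Q4 numbers"
SAMPLE_BODY = "The quarterly figures are better than forecast."
E2E_KEY = b"constructed-end-to-end-key"
TLS_KEY = b"constructed-session-key"


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: a toy keystream, not a real cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def toy_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Symmetric XOR with the toy keystream: the same call encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))


def sample_message() -> bytes:
    """Serialised plaintext message as the sender's client would build it."""
    msg = EmailMessage()
    msg["From"] = SAMPLE_FROM
    msg["To"] = SAMPLE_TO
    msg["Subject"] = SAMPLE_SUBJECT
    msg.set_content(SAMPLE_BODY)
    return bytes(msg)


def e2e_protect(raw: bytes, key: bytes) -> bytes:
    """PGP/S-MIME-style protection: only the body is encrypted; the headers
    the relays route on (From, To, Subject) stay in the clear."""
    msg = BytesParser(policy=default).parsebytes(raw)
    ciphertext = toy_xor(key, b"e2e-nonce", msg.get_content().encode())
    out = EmailMessage()
    for name, value in msg.items():
        if not name.lower().startswith(("content-", "mime-")):
            out[name] = value
    out.set_content(ciphertext, maintype="application", subtype="octet-stream")
    return bytes(out)


def e2e_open(raw: bytes, key: bytes) -> str:
    """The recipient, who holds the key, recovers the body text."""
    msg = BytesParser(policy=default).parsebytes(raw)
    return toy_xor(key, b"e2e-nonce", msg.get_content()).decode()


def relay_next_hop(raw: bytes):
    """What a relay needs from the message: the recipient domain.
    Returns None when the headers are unreadable, i.e. the message cannot be routed."""
    msg = BytesParser(policy=default).parsebytes(raw)
    if msg["To"] is None:
        return None
    return msg["To"].addresses[0].domain


def readable(view: bytes) -> dict:
    """What an observer holding `view` learns: metadata (From/To parseable)
    and content (the body text itself present in what they hold)."""
    msg = BytesParser(policy=default).parsebytes(view)
    return {
        "metadata": msg["From"] is not None and msg["To"] is not None,
        "content": SAMPLE_BODY.encode() in view,
    }


def coverage(e2e: bool, starttls: bool) -> dict:
    """Views of one message for an on-path interceptor (sees the wire bytes) and
    a corrupt administrator of the receiving server (which terminates TLS)."""
    sent = e2e_protect(sample_message(), E2E_KEY) if e2e else sample_message()
    wire = toy_xor(TLS_KEY, b"tls-nonce", sent) if starttls else sent
    return {
        "wire_observer": readable(wire),
        "server_admin": readable(sent),  # TLS ends at the MTA; the admin holds the plaintext stream
        "next_hop": relay_next_hop(sent),
    }


def protect_everything(raw: bytes, key: bytes) -> bytes:
    """Encrypting the headers end-to-end as well: no relay can route the result."""
    return toy_xor(key, b"all-nonce", raw)


if __name__ == "__main__":
    for e2e in (False, True):
        for tls in (False, True):
            print(f"e2e={e2e!s:5} starttls={tls!s:5}", coverage(e2e, tls))
    print("next hop with headers encrypted:", relay_next_hop(protect_everything(sample_message(), E2E_KEY)))
```

Running it prints the four combinations: with neither protection both observers read everything; with end-to-end only, both still see the metadata but neither sees the content; with STARTTLS only, the wire observer sees nothing while the administrator sees everything; with both, the wire observer sees nothing and the administrator sees only metadata. The last line shows that once the headers are encrypted too, `relay_next_hop` can no longer determine where to send the message.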