Re: [perpass] Commnets on draft-farrell-perpass-attack-00 was RE: perens-perpass-appropriate-response-01
Stephen Farrell <stephen.farrell@cs.tcd.ie> Thu, 05 December 2013 14:55 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D48FF1AE011; Thu, 5 Dec 2013 06:55:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8V8xiQsjbgBP; Thu, 5 Dec 2013 06:55:27 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id 10CAB1AE036; Thu, 5 Dec 2013 06:55:21 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 72218BEDC; Thu, 5 Dec 2013 14:55:17 +0000 (GMT)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tyfTbw7uvbCD; Thu, 5 Dec 2013 14:55:17 +0000 (GMT)
Received: from [134.226.36.180] (stephen-think.dsg.cs.tcd.ie [134.226.36.180]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 4CA21BE73; Thu, 5 Dec 2013 14:55:17 +0000 (GMT)
Message-ID: <52A093D6.3030206@cs.tcd.ie>
Date: Thu, 05 Dec 2013 14:55:18 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.1
MIME-Version: 1.0
To: Josh Howlett <Josh.Howlett@ja.net>
References: <290E20B455C66743BE178C5C84F1240847E5103799@EXMB01CMS.surrey.ac.uk> <2C66A416-5F07-4803-A4C0-BB61734BA42E@nominum.com> <CEC5F4B3.1282E%Josh.Howlett@ja.net> <52A05F05.3040506@cs.tcd.ie> <CEC61354.1290C%Josh.Howlett@ja.net>, <52A0744C.8030501@cs.tcd.ie> <55DC663C2F4F9F439F23543E0078E8B39A183AE7@EXC001>
In-Reply-To: <55DC663C2F4F9F439F23543E0078E8B39A183AE7@EXC001>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Cc: perpass <perpass@ietf.org>, IETF Discussion <ietf@ietf.org>
Subject: Re: [perpass] Commnets on draft-farrell-perpass-attack-00 was RE: perens-perpass-appropriate-response-01
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Dec 2013 14:55:30 -0000
On 12/05/2013 02:41 PM, Josh Howlett wrote: > Stephen, > > Yes I agree its necessary, but its not the hard part of the problem. > We are focusing on implementation detail, Great, I think we agree on that, maybe with slightly different emphases. > at the expense of the meaty > political problems; namely, (1) establishing the level of monitoring > civil society is willing to tolerate (on the spectrum none to > pervasive) and (2) building whatever legislative consensus is > necessary to enforce that. Those may be good things for folks to do in various other places, but I don't think they're for the IETF to do. Cheers, S. > Moving straight to (3) the solution space > may deliver specs and running code, but not the motivations to deploy > it (or worse, incentives not to). I applaud the effort, even if it > only serves to incrementally improve on the status quo, but given > your adversaries I fear it is already doomed before it has started. > Seriously, best of luck anyway :-) > > Josh. ________________________________ From: Stephen > Farrell<mailto:stephen.farrell@cs.tcd.ie> Sent: 05/12/2013 12:41 > To: Josh Howlett<mailto:Josh.Howlett@ja.net> Cc: > perpass<mailto:perpass@ietf.org>; IETF > Discussion<mailto:ietf@ietf.org> Subject: Re: [perpass] Commnets on > draft-farrell-perpass-attack-00 was RE: > perens-perpass-appropriate-response-01 > > > Josh, > > On 12/05/2013 12:28 PM, Josh Howlett wrote: >> Hi Stephen, >> >> I absolutely agree that the technical work is necessary, but it is >> not sufficient. > > So you agree this draft is necessary? If so, good. > > Nobody (sensible) claimed it was sufficient by itself to stop > pervasive monitoring. It can nonetheless improve the Internet in any > case, both when considering the pervasive monitoring threat and other > threats. If e.g. the UTA WG is chartered later today then what > they're going to do, which is directly spurred by this overall > discussion, could significantly improve e.g. SMTP security. > >> The political environment controls the legal and regulatory >> environment within which CEOs, their lawyers, and the other minions >> whose role is to minimise corporate risk exposure, take the >> decisions on which products and services reach the market. >> >> The technical community can obviously choose to do the work >> regardless, but in the absence of conformant products and services >> it runs the risk of being a paper exercise. > > That seems to apply to any new work that anyone does in the IETF and > is not a reason to do nothing. > >> I am sympathetic to your argument that the technical work could >> happen in advance of policy, > > That is not my argument. The technical work should happen and for > technical reasons. > >> but that hands the advantage to the adversary who can use this >> intelligence to advance blocking political measures. > > Game theory is fun, but not particularly productive for this draft > IMO. That'd be more relevant for specific bits of protocol work where > it might be the case that one could consider how an adversary could > react to a particular mitigation for this or other threats. At the > level of this draft I don't think there's anything useful to be done > in that respect. > > Cheers, S. > >> >> I also agree that it is unfortunate that none of the numerous >> acronyms that claim to have a remit in Internet policy are working >> with the technical community. In the majority of the capitols of >> Europe there is clearly a political appetite to roll pervasive >> monitoring back, and these acronyms would be pushing on an open >> door (and, in fairness, perhaps they already are but it is not >> obvious to the outside world). It is not far from Geneva to >> Brussels... >> >> Josh. >> >> On 05/12/2013 11:09, "Stephen Farrell" <stephen.farrell@cs.tcd.ie> >> wrote: >> >>> >>> Josh, >>> >>> On 12/05/2013 10:53 AM, Josh Howlett wrote: >>>> >>>> I fully support action to increase security, where it responds >>>> to the prevailing threat environment. But it will be a >>>> perpetuation of the naivety that has characterised this debate >>>> to think that this alone will halt pervasive monitoring, >>>> because the threat is not technical in nature. >>> >>> Personally, I think anyone using the argument that "you can't >>> solve the problem therefore do nothing" is talking about the same >>> amount of nonsense as anyone who says "the IETF can halt >>> pervasive monitoring." >>> >>> You don't quite say either of those above, but neither do you >>> acknowledge that the draft in question, and all the sensible >>> discussion (which is far from all the discussion;-) around that >>> fully acknowledges that the technical things that can and should >>> be done are only part of the story. >>> >>>> The technical response must be coordinated with a political >>>> response, or else the perpetrators will find political means to >>>> route around the technical measures. >>> >>> I disagree with "must be coordinated" for various reasons. >>> >>> Given the time it takes for us to do our part, which is measured >>> in years before we get good deployment, imposing a requirement to >>> start with coordination would mean doing nothing ever. >>> >>> Secondly, with whom would we coordinate? Again, trying to impose >>> a requirement for coordination with a non-existent Internet-wide >>> political entity is tantamount to doing nothing. >>> >>> If some other folks outside the IETF are working on the same >>> issues that'll be good or bad, and for some such activities >>> it'll be useful for us to know about and consider them. And maybe >>> it'll be useful for others to know what we're up to, but we >>> should not wait. >>> >>>> The political response shouldn't be organised within the IETF, >>>> but it does need to liaise with those responsible for doing >>>> that. >>> >>> "The" political response? You expect only one? Again, I don't >>> think we should hang around waiting - we should document the >>> consensus from Vancouver and then follow that through in our >>> normal work within working groups and elsewhere - considering >>> threats, including this one, as we develop protocols. >>> >>>> Unfortunately I am not observing any movement by any of the >>>> other parties within our wonderful multi-stakeholder system >>>> that you would think would be notionally responsible for this. >>>> My fear is that they are opting to drink the technology >>>> Kool-Aid, to avoid grasping the political nettle. That is what >>>> should be concerning us right now. >>> >>> Fully disagree. Its us should be grasping nettles and working to >>> improve the security and privacy properties of our protocols. >>> >>> Regards, S. >>> >> >> >> Janet(UK) is a trading name of Jisc Collections and Janet Limited, >> a not-for-profit company which is registered in England under No. >> 2881024 and whose Registered Office is at Lumen House, Library >> Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. >> 614944238 >> >> _______________________________________________ perpass mailing >> list perpass@ietf.org >> https://www.ietf.org/mailman/listinfo/perpass >> >> > > Janet(UK) is a trading name of Jisc Collections and Janet Limited, a > not-for-profit company which is registered in England under No. > 2881024 and whose Registered Office is at Lumen House, Library > Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. > 614944238 > > _______________________________________________ perpass mailing list > perpass@ietf.org https://www.ietf.org/mailman/listinfo/perpass >
- [perpass] Commnets on draft-farrell-perpass-attac… l.wood
- Re: [perpass] Commnets on draft-farrell-perpass-a… Ted Lemon
- Re: [perpass] Commnets on draft-farrell-perpass-a… Bruce Perens
- Re: [perpass] Commnets on draft-farrell-perpass-a… Phillip Hallam-Baker
- Re: [perpass] Commnets on draft-farrell-perpass-a… l.wood
- Re: [perpass] Commnets on draft-farrell-perpass-a… Ted Lemon
- Re: [perpass] Commnets on draft-farrell-perpass-a… Theodore Ts'o
- Re: [perpass] Commnets on draft-farrell-perpass-a… Hannes Tschofenig
- Re: [perpass] Commnets on draft-farrell-perpass-a… Bruce Perens
- Re: [perpass] Commnets on draft-farrell-perpass-a… Bruce Perens
- Re: [perpass] Commnets on draft-farrell-perpass-a… Mark Nottingham
- Re: [perpass] Commnets on draft-farrell-perpass-a… Bruce Perens
- Re: [perpass] Commnets on draft-farrell-perpass-a… Jacob Appelbaum
- Re: [perpass] Commnets on draft-farrell-perpass-a… Bruce Perens
- Re: [perpass] Commnets on draft-farrell-perpass-a… Jacob Appelbaum
- Re: [perpass] Commnets on draft-farrell-perpass-a… Phillip Hallam-Baker
- Re: [perpass] Commnets on draft-farrell-perpass-a… Bruce Perens
- Re: [perpass] Commnets on draft-farrell-perpass-a… Stephane Bortzmeyer
- Re: [perpass] Commnets on draft-farrell-perpass-a… Josh Howlett
- Re: [perpass] Commnets on draft-farrell-perpass-a… Stephen Farrell
- Re: [perpass] Commnets on draft-farrell-perpass-a… Josh Howlett
- Re: [perpass] Commnets on draft-farrell-perpass-a… Stephen Farrell
- Re: [perpass] Commnets on draft-farrell-perpass-a… Josh Howlett
- Re: [perpass] Commnets on draft-farrell-perpass-a… Stephen Farrell
- [perpass] Tiny stacks Brian E Carpenter
- Re: [perpass] Tiny stacks Richard Barnes
- Re: [perpass] Tiny stacks Robin Wilton
- Re: [perpass] Tiny stacks Paul Ferguson
- Re: [perpass] Tiny stacks Hannes Tschofenig
- [perpass] Way forward? [Was: Tiny stacks] Martin Millnert
- Re: [perpass] Tiny stacks Brian E Carpenter
- Re: [perpass] Tiny stacks Phillip Hallam-Baker
- Re: [perpass] Tiny stacks Richard Barnes
- Re: [perpass] Tiny stacks Martin Thomson
- Re: [perpass] Tiny stacks Stephen Farrell
- Re: [perpass] Tiny stacks Richard Barnes
- Re: [perpass] Tiny stacks Bjoern Hoehrmann
- Re: [perpass] Tiny stacks Richard Barnes
- Re: [perpass] Tiny stacks Stephen Farrell
- Re: [perpass] Tiny stacks Stephen Farrell
- Re: [perpass] Tiny stacks Brian E Carpenter
- Re: [perpass] Tiny stacks Phillip Hallam-Baker
- Re: [perpass] Tiny stacks Stephen Farrell
- Re: [perpass] Tiny stacks Phillip Hallam-Baker
- Re: [perpass] Tiny stacks Robin Wilton
- Re: [perpass] Tiny stacks Joseph Lorenzo Hall
- Re: [perpass] Tiny stacks Scott Brim
- Re: [perpass] Tiny stacks Scott Brim
- Re: [perpass] Tiny stacks Phillip Hallam-Baker
- Re: [perpass] Tiny stacks Dean Willis