Re: [perpass] perens-perpass-appropriate-response-01

Jacob Appelbaum <jacob@appelbaum.net> Fri, 06 December 2013 11:53 UTC

Return-Path: <jacob@appelbaum.net>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C19A71ADF60 for <perpass@ietfa.amsl.com>; Fri, 6 Dec 2013 03:53:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.6
X-Spam-Level:
X-Spam-Status: No, score=-0.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FSL_HELO_BARE_IP_2=2, RCVD_IN_DNSWL_LOW=-0.7] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U14FU7dg1Ble for <perpass@ietfa.amsl.com>; Fri, 6 Dec 2013 03:53:35 -0800 (PST)
Received: from mail-ee0-f52.google.com (mail-ee0-f52.google.com [74.125.83.52]) by ietfa.amsl.com (Postfix) with ESMTP id 436DF1ADEBB for <perpass@ietf.org>; Fri, 6 Dec 2013 03:53:35 -0800 (PST)
Received: by mail-ee0-f52.google.com with SMTP id d17so244964eek.39 for <perpass@ietf.org>; Fri, 06 Dec 2013 03:53:31 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:mime-version:to:subject :references:in-reply-to:openpgp:content-type :content-transfer-encoding; bh=XarRBEUT10VlsBHggugFqN4vtqAwgMNpxaNBTypeYiM=; b=UoTwVlpj9vAT8X9fj+EIvhMVmIQEl9DoJ4NhiFkTQ6GXNow2JieMJw5PMcQHQ0y1ZD kjH9ul0VemfTbL7ud2fEHYpoOfr9OQYLC/zYDgGO4aZ7FTcQtOWb+oXtxT/10NRQff74 S5Psqa7FcelygEADN6lQJ0xdgitB2TxcBCp2cgfvhT04ldszbnjfpOPz9tYdECmPHVvl yrEJp0Kp9n9UpStWpmATwGbqjn1rOWSC/1Qq7G6X68sxy7GK5W4qMV9hbgqgJWeYxIE8 76G7jWS0cDXIVEuA64DmP84+L+bF0gH1tvtp1OMxFGHgiB1M35kG53Dh53s51kyxdnK0 eE1g==
X-Gm-Message-State: ALoCoQkMEKd6pG0ZnNjFnNiI/84s4SojkqTU+2q+1oXACGMCwZc+ahaH6jxCCRlJ8JAbxecuKeF4
X-Received: by 10.14.0.201 with SMTP id 49mr2307859eeb.38.1386330810805; Fri, 06 Dec 2013 03:53:30 -0800 (PST)
Received: from 127.0.0.1 (tor-exit-01.thehappy3.com. [178.63.97.34]) by mx.google.com with ESMTPSA id h3sm91639167eem.15.2013.12.06.03.53.28 for <perpass@ietf.org> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 06 Dec 2013 03:53:30 -0800 (PST)
Message-ID: <52A1B9AE.3030108@appelbaum.net>
Date: Fri, 06 Dec 2013 11:49:02 +0000
From: Jacob Appelbaum <jacob@appelbaum.net>
MIME-Version: 1.0
To: perpass@ietf.org
References: <E2DA1477-C86E-441E-A33D-D47A0D67AFF3@iab.org> <EF9BD1E4-6EF3-4035-AC4E-1A2D3CADE615@mnot.net> <529E8494.7000806@perens.com> <20131204111309.GB11727@nic.fr> <529F61D8.6030105@perens.com> <20131204171207.GC19914@thunk.org> <529F63C0.3040804@perens.com> <529F88AC.3090904@appelbaum.net> <529F90A0.8000706@perens.com> <529F9205.30906@appelbaum.net> <529F98C0.9090808@perens.com> <529F9F14.8050805@appelbaum.net> <529FB61A.7090604@perens.com> <529FBEF9.7030205@appelbaum.net> <529FC347.3080806@perens.com> <52A15835.2070901@cis-india.org> <6.2.5.6.2.20131206000507.0bdb7c20@resistor.net> <52A1B570.7000205@ping.de>
In-Reply-To: <52A1B570.7000205@ping.de>
OpenPGP: id=4193A197
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Subject: Re: [perpass] perens-perpass-appropriate-response-01
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Dec 2013 11:53:37 -0000

Andreas Kuckartz:
> SM:
>> > I read
>> > http://cis-india.org/internet-governance/blog/indias-big-brother-the-central-monitoring-system
>> > There are likely similar cases in other countries.
>> > 
>> > What could be the effect if (widely deployed) IETF protocols prevented
>> > such systems from working?  It is possible to design a protocol which
>> > does not allow "in the clear" traffic [1].  It is not clear whether such
>> > a protocol would be widely deployed.
> Jörg Ziercke, the president of the German Federal Criminal Office (BKA)
> three weeks ago suggested to restrict the right to use Tor by requiring
> the registration of users.
> 

Herr Ziercke clearly does not understand how Tor or even how IP networks
actually function.

> Standards can not solve such political and legal attempts to attack the
> privacy and security of users.
> 

I agree that standards will not solve political problems in the
political sphere. Standards will however limit the political and legal
options - as an example - forward secrecy with DHE makes forced key
disclosure irrelevant for retroactive decryption - the past traffic
cannot be decrypted as the session key is not derived from the identity
key.

> But that should not prevent the development of standards which disable
> mass surveillance when those standards are deployed.

I agree.

All the best,
Jacob