Re: [perpass] "Its an attack" BCP draft
Warren Kumari <warren@kumari.net> Fri, 22 November 2013 18:26 UTC
From: Warren Kumari <warren@kumari.net>
Date: Fri, 22 Nov 2013 15:24:44 -0300
To: Ted Lemon <mellon@fugue.com>
Cc: Joel Jaeggli <joelja@bogus.com>, perpass <perpass@ietf.org>, Rob Stradling <rob.stradling@comodo.com>, Warren Kumari <warren@kumari.net>, Stephen Farrell <stephen.farrell@cs.tcd.ie>

On Nov 20, 2013, at 8:24 PM, Ted Lemon <mellon@fugue.com> wrote:

> On Nov 20, 2013, at 6:19 PM, joel jaeggli <joelja@bogus.com> wrote:
>> bad actor is a value judgement. have no doubt that the intent of
>> surveillance is hostile with respect to the assumptions of the privacy
>> of one's communications.
>
> It's a lot softer to say "we have to treat passive surveillance as an attack because there is no way to distinguish between cases where it is and is not an attack" than it is to say "passive surveillance is an attack."

Of course you can tell them apart -- simply require the passive surveillant to set the evil bit in all packets that they touch if it is an attack. If it is *not* an attack, they simply clear the evil bit.

The originating party should randomly (with a good source of randomness (of course)) set the bit, and track which packets they did this on. The receiver should track which packets had it set. They then compare (out of band, and over a secure channel) which packets had the bit set, and can then determine, with some good probability of detection if someone was surveilling their traffic.

I can extend this solution to other layers with an elegant solution involving checkboxes….

There, I fixed it for you…

W

--
For every complex problem, there is a solution that is simple, neat, and wrong.
-- H. L. Mencken

>
> The document goes to some lengths not to examine the motivation of the eavesdropper, so finding a better term than "bad actor" makes sense to me.
>