[perpass] Fwd: Re: perens-perpass-appropriate-response-01

Bruce Perens <bruce@perens.com> Sun, 08 December 2013 00:08 UTC

-------- Original Message --------
Subject: Re: [perpass] perens-perpass-appropriate-response-01
Date: Sat, 07 Dec 2013 15:45:49 -0800
From: Bruce Perens <bruce@perens.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>

On 12/07/2013 05:14 AM, Stephen Farrell wrote:
> The lack of confidentiality lets the adversary win the race unless you assume 100% coverage of authenticated JS and 100% validation of that and that there are no DigiNotar-like entities involved in the currently non-existent JS authentication infrastructure.

Well, we do have some HTTP uses where encryption that hides the content won't be allowed, and thus authentication is important.

We can't have encryption when we use HTTP over Amateur Radio in the US and many other countries. There is self-policing on ham frequencies that requires that people be able to copy other people's transmissions, and encryption defeats that. Obviously we don't put confidential data on those frequencies; that belongs on your cell phone. So, an authentication-only WiFi protocol is needed for Amateur Radio, and possibly an authentication-only version of TLS.

Even when authentication is not available end-to-end, we gain something by inserting it at the radio gateway.

There are also some situations involving legal minors or prisoners where there should be monitoring. So an authentication-only protocol is interesting for that too.