Re: [perpass] Getting started...

Brian Trammell <> Sat, 17 August 2013 10:17 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 635AD11E80D9 for <>; Sat, 17 Aug 2013 03:17:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id iMDrzbURuTDV for <>; Sat, 17 Aug 2013 03:17:52 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 7A7A811E80DF for <>; Sat, 17 Aug 2013 03:17:52 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 85DE6D9316; Sat, 17 Aug 2013 12:17:46 +0200 (MEST)
X-Virus-Scanned: by amavisd-new on
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with LMTP id wsWdoXQk1XKy; Sat, 17 Aug 2013 12:17:46 +0200 (MEST)
Received: from [] ( []) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: briant) by (Postfix) with ESMTPSA id 284CBD9307; Sat, 17 Aug 2013 12:17:46 +0200 (MEST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\))
From: Brian Trammell <>
In-Reply-To: <>
Date: Sat, 17 Aug 2013 12:17:44 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <> <>
To: Stephen Farrell <>
X-Mailer: Apple Mail (2.1508)
Cc: SM <>,
Subject: Re: [perpass] Getting started...
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The perpass list is for discussion of the privacy properties of IETF protocols and concrete ways in which those could be improved. " <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 17 Aug 2013 10:17:58 -0000

hi SM, Stephen, all,

On Aug 17, 2013, at 12:05 PM, Stephen Farrell <> wrote:
>> Discussions about monitoring is a sensitive subject.  
> Yes. However, even those who want to be able to monitor at point X,
> probably don't want their sensitive stuff monitored at points Y,Z,...
> So you don't actually have to have inhaled all the fumes to think
> its a good plan for Internet protocols to be more robust against
> pervasive monitoring.
>> I am curious to
>> see whether the 50 people are willing to discuss about that on this
>> mailing list. :-)
> I hope so. We had some good discussions in Berlin at any rate and
> my hope is that at least the people involved in that will chime in.
> But I guess we'll see when we see.

There's also a difference between the threat models of pervasive monitoring (an analysis of what can be done) and operational practice (a report of what _is_ done). We should, to the extent possible, work from the former, referring to the latter anecdotally -- because that, I suspect, is all we're going to get.

Of course, if the threat model is "the adversary cooperates with the endpoint(s) of the communication", there's not a whole lot you can do at the protocol level. But that is, I think, a point for wider discussion, and there is significant work to be done, even if it just ends up being a cross-area awareness-building exercise; on which more soon.