Re: [perpass] Howdy!
Jacob Appelbaum <jacob@appelbaum.net> Sat, 14 September 2013 17:58 UTC
Return-Path: <jacob@appelbaum.net>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E18111E81B7 for <perpass@ietfa.amsl.com>; Sat, 14 Sep 2013 10:58:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2+5WcKMGwBdM for <perpass@ietfa.amsl.com>; Sat, 14 Sep 2013 10:58:08 -0700 (PDT)
Received: from mail-ye0-f173.google.com (mail-ye0-f173.google.com [209.85.213.173]) by ietfa.amsl.com (Postfix) with ESMTP id 5D8F711E8172 for <perpass@ietf.org>; Sat, 14 Sep 2013 10:58:08 -0700 (PDT)
Received: by mail-ye0-f173.google.com with SMTP id m3so971942yen.4 for <perpass@ietf.org>; Sat, 14 Sep 2013 10:58:07 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:mime-version:to:subject :references:in-reply-to:openpgp:content-type :content-transfer-encoding; bh=i+txK/bNfSOojBCh4Y8PuJjy2D+3BcO9FcXynw+2z3E=; b=iRDCzDu9zRGOL4NAitQKD5vY5NwPmSjGBZ0v9HR6JaNICl71TwDzpTaq5Ft9CiyQZG WyQqO1WkQPHxwzs3XTF2MI083VQIxRhBZsF+SrBcHMt2iYLG1r23r7QZrusUZyyivH+L jnzBPC9N0GvG3UMJ8L6my/s3uDMYXQIvQCyvqHzVX8ZBwRF/1pccAbgd1sLVN5Spr5yv ULMIQBYD66ipcuw8tZnV7CexZX5jNdyv0lGiosk2smc58y9DfxhxHi5DoMrrWDqovf1+ kp7C4Db5WGuzPfBERaLJ3Vr/4B4JVUCD3w5Mz8jaACUlYTQni8x8puKyHuTjKfzRNuVi HaqQ==
X-Gm-Message-State: ALoCoQnqoCdBkQqu294f5JMjH94cgoIUMVi9DCrGenI5TXBM/u94+3DdZiWCjIqiOfaAl7kKcJuI
X-Received: by 10.236.85.237 with SMTP id u73mr72777yhe.67.1379181487723; Sat, 14 Sep 2013 10:58:07 -0700 (PDT)
Received: from 127.0.0.1 (wannabe.torservers.net. [96.47.226.22]) by mx.google.com with ESMTPSA id d26sm21495844yhk.21.1969.12.31.16.00.00 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 14 Sep 2013 10:58:07 -0700 (PDT)
Message-ID: <5234A2E3.2050604@appelbaum.net>
Date: Sat, 14 Sep 2013 17:54:43 +0000
From: Jacob Appelbaum <jacob@appelbaum.net>
MIME-Version: 1.0
To: perpass@ietf.org
References: <CAOHm=4ujOYTHO63EFWMYJBgxUWq00zezYKAJ8B4Vgf_C=xRRVg@mail.gmail.com> <5224DF25.60503@cs.tcd.ie> <7C92613E-33E8-48A6-A152-E9DBB29DEC04@softarmor.com> <522A328A.5060008@cs.tcd.ie> <522E17F9.4000206@bbn.com> <7DA623C5-E8C4-437F-BFC9-0CDD350853A8@softarmor.com> <6.2.5.6.2.20130914054829.0b2a32d8@resistor.net>
In-Reply-To: <6.2.5.6.2.20130914054829.0b2a32d8@resistor.net>
OpenPGP: id=4193A197
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: Re: [perpass] Howdy!
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The perpass list is for discussion of the privacy properties of IETF protocols and concrete ways in which those could be improved. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Sep 2013 17:58:14 -0000
SM: > Hi Dean, > At 10:12 13-09-2013, Dean Willis wrote: >> So unless we have widespread review, from people likely to be in the >> influence of multiple and conflicting actors, we really haven't had a >> review. How widespread? I'm not exactly sure -- but it means more than >> one review, from more than one company, from more than one sector, and >> from more than one nation-state at a minimum. Trust is really hard; >> our best substitute is a very widespread consensus. >> >> Arguably, the mode that we've operated in for many years has given us >> a rather bad current situation. Perhaps we should reassess "good enough". > > The IETF has been operating in "good enough" mode since a long time. > Some proposals do not get widespread review. There are variations of > RFC 6302 in the IETF RFCs. When I raised a "privacy issue" some time > back the only person who supported the argument was Stephen Farrell. > The amount of effort to raise a "privacy issue" is discouraging. > Seems like that isn't a problem now, right? Water under the bridge, perhaps? I have also seen a lot of IETF privacy and security weirdness but it is clear that things are improving now. > It's difficult to ensure review from more than one nation-state when the > majority is from one nation-state. It is not always clear what the > company or sector ties are. I don't think that this is a problem at all. I see people from a dozen countries on this list. > > There is a report of a Tor exit node being compromised. It's unlikely > that the problem could have been avoided with better encryption. The > architectural aspect of the problem was mentioned in 2005. > (Tor Developer here...) What are you referring to with regard to a Tor exit node being compromised? All the best, Jacob
- [perpass] Howdy! Dean Willis
- Re: [perpass] Howdy! Stephen Farrell
- Re: [perpass] Howdy! Yoav Nir
- Re: [perpass] Howdy! Dean Willis
- Re: [perpass] Howdy! Stephen Farrell
- Re: [perpass] Howdy! Moriarty, Kathleen
- Re: [perpass] Howdy! Rene Struik
- Re: [perpass] Howdy! Stephen Kent
- Re: [perpass] Howdy! Hannes Tschofenig
- Re: [perpass] Howdy! Theodore Ts'o
- Re: [perpass] Howdy! Jacob Appelbaum
- Re: [perpass] Howdy! Dean Willis
- Re: [perpass] Howdy! Dean Willis
- Re: [perpass] Howdy! Dean Willis
- Re: [perpass] Howdy! Dean Willis
- Re: [perpass] Howdy! Randy Bush
- Re: [perpass] Howdy! Phillip Hallam-Baker
- Re: [perpass] Howdy! Stephen Farrell
- Re: [perpass] Howdy! SM
- Re: [perpass] Howdy! Jacob Appelbaum
- Re: [perpass] Howdy! Norbert Bollow
- Re: [perpass] Howdy! SM
- Re: [perpass] Howdy! Phil Karn
- Re: [perpass] Howdy! Stephen Kent
- Re: [perpass] Howdy! Stephen Farrell
- Re: [perpass] Howdy! Dean Willis
- Re: [perpass] Howdy! Dean Willis