IETF Logo Mail Archive

Re: [saag] reviews needed of draft-knodel-e2ee-definition

Viktor Dukhovni <ietf-dane@dukhovni.org> Thu, 29 September 2022 16:23 UTC

Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1970EC14CE26 for <saag@ietfa.amsl.com>; Thu, 29 Sep 2022 09:23:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.207
X-Spam-Level:
X-Spam-Status: No, score=-4.207 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hc-SldS4XHD3 for <saag@ietfa.amsl.com>; Thu, 29 Sep 2022 09:23:40 -0700 (PDT)
Received: from straasha.imrryr.org (straasha.imrryr.org [100.2.39.101]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4696BC14CF04 for <saag@ietf.org>; Thu, 29 Sep 2022 09:23:39 -0700 (PDT)
Received: by straasha.imrryr.org (Postfix, from userid 1001) id A547111529F; Thu, 29 Sep 2022 12:23:38 -0400 (EDT)
Date: Thu, 29 Sep 2022 12:23:38 -0400
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: saag@ietf.org
Message-ID: <YzXGirGQMJ+nvI+H@straasha.imrryr.org>
Reply-To: saag@ietf.org
References: <CAGL5yWZFpPts5VHgFHxS4xy9Z73xTTFxOac39e0t8SgigV7R8w@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAGL5yWZFpPts5VHgFHxS4xy9Z73xTTFxOac39e0t8SgigV7R8w@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/2po4vcC0DbpUCuKnbWRRL582cOM>
Subject: Re: [saag] reviews needed of draft-knodel-e2ee-definition
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Sep 2022 16:23:44 -0000

On Wed, Sep 28, 2022 at 05:49:15PM -0400, Paul Wouters wrote:

> A few people have been working on a document to define what it means to be
> end-to-end encrypted, and wrote this up in a draft.
> 
> https://datatracker.ietf.org/doc/html/draft-knodel-e2ee-definition-07
> 

A general comment:  I found the language much too dense and verbose.

If the text is to be useful, it needs to be much more concise and
direct.  A rough attempt below:

    End-to-end communication security:

        A property of a communication system in which the message
        originator and intended recipients are the only parties who can
        read or generate messages.  In particular, intermediaries
        (carriers) involved in message delivery have no privileged access.

        Note however that intermediaries may in many cases be able
        to perform "traffic analysis", that is, track who is
        communicating with whom.  Resistance to traffic analysis
        goes beyond simple end-to-end security, and is both fragile
        and much more difficult to implement.

If one then wants to explore use-cases, policy issues, ... that too
should be written in direct and concise language.

-- 
    Viktor.

v2.23.0 | Report a Bug | By Email