IETF Logo Mail Archive

Re: [saag] The Mathematical Mesh

Ben Laurie <benl@google.com> Tue, 23 April 2019 12:16 UTC

Return-Path: <benl@google.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 36855120140 for <saag@ietfa.amsl.com>; Tue, 23 Apr 2019 05:16:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.5
X-Spam-Level:
X-Spam-Status: No, score=-17.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OV59Pgqx0kcu for <saag@ietfa.amsl.com>; Tue, 23 Apr 2019 05:16:39 -0700 (PDT)
Received: from mail-yw1-xc33.google.com (mail-yw1-xc33.google.com [IPv6:2607:f8b0:4864:20::c33]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE42D1200F4 for <saag@ietf.org>; Tue, 23 Apr 2019 05:16:36 -0700 (PDT)
Received: by mail-yw1-xc33.google.com with SMTP id i66so1479080ywe.5 for <saag@ietf.org>; Tue, 23 Apr 2019 05:16:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ABVFw89Elv3WudEC/XI6Fq/nBOWRAPNx8FGz4fzi3Ew=; b=EueJulQNvkRU8XqlR4kMgCByMln/zmlehQVp1/AnRzz55thtOvjit/iXyGW5Yrsig0 IkP8XR8T1+fhbYKDV6UTm2/RofPhXvNwomPNlpFTioas4I1SDNzZ8SD9+ntFj0bkB5tv gZBuvP5jUo5m6XIdA3ibLZE7b93P0It2aYdp1IlrHTT2McyRWq7/zfP6V2CgYrE326GU RxStdX0sgixAZkquBkY2oObPtIU/gBdUM6qpjzoQmsgiV56wOdawxGXmon0D5A7xTeNu c+5oESkQnjxYAs61gQW8AYkKOlFD6KZLmcUhmYgAQIxiJ7tHLCiyK8pgPbEAtIA07tFO kdyw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ABVFw89Elv3WudEC/XI6Fq/nBOWRAPNx8FGz4fzi3Ew=; b=X1Kt1XtjwVslCCpktmgFpukPak++G8WuaUrMvaK2yM0MZ6DBtWE7slZmvJDQZHymVn VSaFdOX4C9urvEkWMZXH/xbHUFUe+Oqmi4/60BLWNJ3qKF0Nki1/5+n1+tPcGMUT2TXl X+JJjflUfFwyhVG197gPS9d5llZuoN7H6cnuCh8ne6o6ahDt4OVoYIMrCLfAP5Is7+KA N9WacbaVWSMIqiGah3pXkWRATVymgD9cHdnt4R/d8PibDrN8fRPBZaSB1uFCyXQv9sUc fSzNJ+zaQkR05JxIAyxttO4jfWmYEsCvU5iTBbPxEQhAu3SKC+e1Kh3n5f0qOZn8CvQG Bo3w==
X-Gm-Message-State: APjAAAU/v2obWsfW8PdcBcCxHGSY38Y0GkA6nEIrbJyh4AEp5BdfuH+R NpskJZPovfE0Eui+2xRXNQEx1bnfY65AJgRCoz4soQ==
X-Google-Smtp-Source: APXvYqzcD9UHlqR9qNj6vR6f5vlDxVmO/1/O65TTIz2A28d0G4r1mwV6MN3rHZ492NDp6DgoM1DGZbKJn8Z4yGWxArY=
X-Received: by 2002:a81:7c55:: with SMTP id x82mr20442279ywc.488.1556021795621; Tue, 23 Apr 2019 05:16:35 -0700 (PDT)
MIME-Version: 1.0
References: <CAMm+LwiF3iGiRO5reW4KCgf8vp=Kv=+4pD+_rGOcxEsD1Hxk4g@mail.gmail.com> <20190422190302.GA3137@localhost> <CAMm+Lwj1BV1=UQwE8-5tPO_mxOVixfkiUjXvu+U_AgnSzzkjvg@mail.gmail.com>
In-Reply-To: <CAMm+Lwj1BV1=UQwE8-5tPO_mxOVixfkiUjXvu+U_AgnSzzkjvg@mail.gmail.com>
From: Ben Laurie <benl@google.com>
Date: Tue, 23 Apr 2019 13:16:23 +0100
Message-ID: <CABrd9STVA=fT+oH7f4S_x8JQVaQRUJASWCY5g4pnhQL6ezWaHA@mail.gmail.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>
Cc: Nico Williams <nico@cryptonector.com>, secdispatch@ietf.org, IETF SAAG <saag@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000647f880587318e0f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/WRAdbTUseD7R1rEf7XTb5tCNQMA>
Subject: Re: [saag] The Mathematical Mesh
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Apr 2019 12:16:41 -0000

On Mon, 22 Apr 2019 at 20:33, Phillip Hallam-Baker <phill@hallambaker.com>
wrote:

> The primary focus is enabling real users to manage public key pairs on
> their devices without being aware that they are doing it. Securely
> establishing a set of public key pairs on each device and providing a
> validation path to the user's personal axiom of trust is the main idea
> here. Because if we achieve that, we are 80% of the way to securing almost
> any communication pattern.
>

Where is the user testing for this? BTW, seems to me if users are not aware
that they are doing it, they will also not be aware when they are not doing
it. That doesn't seem like a path to security to me.

-- 
I am hiring! Formal methods, UX, management, SWE ... verified s/w and h/w.
#VerifyAllTheThings.

*https://grow.googleplex.com/jobs/search?query=team:%221944651479079%22
<https://grow.googleplex.com/jobs/search?query=team:%221944651479079%22>*

v2.23.0 | Report a Bug | By Email