[secdir] Paraiso NOT the room we were in for Mesh! 19:10-20:30

Phillip Hallam-Baker <phill@hallambaker.com> Tue, 05 April 2016 17:16 UTC


Sorry, turns out Paraiso is NOT the IESG room we were in


---------- Forwarded message ----------
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Fri, Apr 1, 2016 at 6:19 PM
Subject: MESH Bar BOF Tues 19:10-21:00 in the IESG room Paraiso
To: "saag@ietf.org" <saag@ietf.org>


People generally agree that usability is the biggest problem facing us
in security. Security that people don't use is useless.

The problem is harder than merely making secure applications as easy
to use as regular apps. If we are going to change people's behavior,
we have to make using the computer easier. Or at least make juggling
the many computers, mobiles, IoT devices etc. easy.

The Mathematical Mesh is a cryptographic infrastructure that allows a
user to create a personal profile and securely connect applications
and devices to it. All connections are authenticated bilaterally, end
to end and with a direct trust model (no trusted third party
required).

There is a cloud service involved but it is an untrusted service and
the user can switch to another any time they like (like a git
repository).

The tools are automated on the principle of 'don't give the user
instructions that can be replaced by code'.

When applications are connected, the user has the option of having the
profile management tool add in security. So when you connect Windows
Live Mail to a Mesh profile, the profile manager will automatically
turn on S/MIME. Right now the certs are self-signed but I am working
on getting it hooked up to the Comodo free cert issue.

All the code is open source under an MIT license and there are links
to the Internet Drafts and the demo videos on the following site:

http://cryptomesh.org/
[or http://prismproof.org/]

Right now the code has only been tested on Windows. But I am in the
middle of trying to get the GUI to work under GTK# which will
'allegedly' allow the code to run on OSX and Linux.

The first applications I want to get support for are SSH and a
WebPassword manager. The advantage of the latter over existing cloud
offerings is that it will be auditable.


I am also working on hooking up some IoT devices.