Re: [Secdispatch] [saag] The Mathematical Mesh

Ben Laurie <> Tue, 23 April 2019 12:16 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 905781200D6 for <>; Tue, 23 Apr 2019 05:16:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -17.5
X-Spam-Status: No, score=-17.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 0zVuHa7YurQg for <>; Tue, 23 Apr 2019 05:16:41 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::c2d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id AE31A1200EF for <>; Tue, 23 Apr 2019 05:16:36 -0700 (PDT)
Received: by with SMTP id t79so3721365ywc.7 for <>; Tue, 23 Apr 2019 05:16:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ABVFw89Elv3WudEC/XI6Fq/nBOWRAPNx8FGz4fzi3Ew=; b=EueJulQNvkRU8XqlR4kMgCByMln/zmlehQVp1/AnRzz55thtOvjit/iXyGW5Yrsig0 IkP8XR8T1+fhbYKDV6UTm2/RofPhXvNwomPNlpFTioas4I1SDNzZ8SD9+ntFj0bkB5tv gZBuvP5jUo5m6XIdA3ibLZE7b93P0It2aYdp1IlrHTT2McyRWq7/zfP6V2CgYrE326GU RxStdX0sgixAZkquBkY2oObPtIU/gBdUM6qpjzoQmsgiV56wOdawxGXmon0D5A7xTeNu c+5oESkQnjxYAs61gQW8AYkKOlFD6KZLmcUhmYgAQIxiJ7tHLCiyK8pgPbEAtIA07tFO kdyw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ABVFw89Elv3WudEC/XI6Fq/nBOWRAPNx8FGz4fzi3Ew=; b=tFgxIfqqICbcOV3URsj4Mai1ZHOgjuDPETYSEnxcmlls7vk5Z3dP03w6NMcZ/usxIo sSDW2eHwX+92IiZ/z7EaVZdt9jfMgpISrQVd8+fh72pniQ1psFraiQvu7VJ7R86QG8+M lmjyqniRy5/rvx0JVHXSh1L91bSv2gVl+BxKbTLYAGUCIdVWjht7hzvkIRVxrcJHFqq5 94I2As5sr6dIQ8YaatN9zN42KH/gYFYaPzXQ+xFzj1JuD+imbXgLxqJT6IhPnzdLJ2zr wafw2717X4h8i4VMnfdrhvecI15YNfbalctyP9rFm5RPN9vJvR7A7AuH3eG7mloo1F2D MOOQ==
X-Gm-Message-State: APjAAAUvcQMU6MZCllx0EUYcp75UVASqptzPfvdzKnLv5PIipUlGY7lk ZeEsvhpi5npXvn33+bjMUErTlxS0Tu04+ZjkPl2YZQ==
X-Google-Smtp-Source: APXvYqzcD9UHlqR9qNj6vR6f5vlDxVmO/1/O65TTIz2A28d0G4r1mwV6MN3rHZ492NDp6DgoM1DGZbKJn8Z4yGWxArY=
X-Received: by 2002:a81:7c55:: with SMTP id x82mr20442279ywc.488.1556021795621; Tue, 23 Apr 2019 05:16:35 -0700 (PDT)
MIME-Version: 1.0
References: <> <20190422190302.GA3137@localhost> <>
In-Reply-To: <>
From: Ben Laurie <>
Date: Tue, 23 Apr 2019 13:16:23 +0100
Message-ID: <>
To: Phillip Hallam-Baker <>
Cc: Nico Williams <>,, IETF SAAG <>
Content-Type: multipart/alternative; boundary="000000000000647f880587318e0f"
Archived-At: <>
Subject: Re: [Secdispatch] [saag] The Mathematical Mesh
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 23 Apr 2019 12:16:43 -0000

On Mon, 22 Apr 2019 at 20:33, Phillip Hallam-Baker <>

> The primary focus is enabling real users to manage public key pairs on
> their devices without being aware that they are doing it. Securely
> establishing a set of public key pairs on each device and providing a
> validation path to the user's personal axiom of trust is the main idea
> here. Because if we achieve that, we are 80% of the way to securing almost
> any communication pattern.

Where is the user testing for this? BTW, seems to me if users are not aware
that they are doing it, they will also not be aware when they are not doing
it. That doesn't seem like a path to security to me.

I am hiring! Formal methods, UX, management, SWE ... verified s/w and h/w.