Re: [Secdispatch] [Smart] New Version Notification for draft-lazanski-smart-users-internet-00.txt

Bret Jordan <> Fri, 12 July 2019 19:35 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5260C1207E2 for <>; Fri, 12 Jul 2019 12:35:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.702
X-Spam-Status: No, score=-0.702 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, PDS_NO_HELO_DNS=1.295, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id D_sW9XhjsUDJ for <>; Fri, 12 Jul 2019 12:35:19 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::d29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 001A3120225 for <>; Fri, 12 Jul 2019 12:35:18 -0700 (PDT)
Received: by with SMTP id s7so22776082iob.11 for <>; Fri, 12 Jul 2019 12:35:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=rcCf+HKztI7RKsv3xBlzdYYEYg+efvgziHZSRXMnbHI=; b=JWxDnh4SuK1PXW4KNPIISb2tedASI3NXgkqN1XK7g974f0Oa31/KeekhijbIpTrRAQ t4r+GfW3uPy6UA4C998EqnmdeOkua+gbQ8fJbWlsifFo/vBAq5VNeqArOOwb0+wGhdPd 8j7T+mdydefpmGdbpjJiOiZ2AB377FzSi/YvrCCkuEDcOlrkA5LxA3+i7SDzQkIsUkZO Lz6x6c7Qs/K9jV1xKKr8VRt4v+kgEsPLEMMZy/xPRMBZYM3L65J7ThWOrMCqp2QVZ4Hz snuABRNO2r+ju3KEwEP+TJfF9ELB0J8nY8ZYioQmprEVvcjIE4mMUIxhCKRe0+UbmRIu to/A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=rcCf+HKztI7RKsv3xBlzdYYEYg+efvgziHZSRXMnbHI=; b=r2Ppncx4fwSEO8elUlrkfzdNl2aS+gZInuv7K+tCs6xx50zJEhz+sIwnr1Lj1pxKgv HfarfuwlYc/3qvE6f3zkhhYGltVS1D+BmnJNJeeIWXYuT5Wmuy6oEkQRV/pliSr+zBTP k/pdiBgCzFDFpQbVS4KVCHGAOjrzwtNjymvl+QZfSmRZZSITmGpQSJpvtL2yvw7g9j63 rLuTPvsdTQiITACDJzdHyQQdgOJ7gImjPSWzWsVnin6J7L7j6Sfj7hfbDmGrh3NBRiuX 7Lln4kOhIWFKtSpoE6gaTwB4bII/uiMaguYSP/sJKHPXlUfWspkHQJaKDGYKrIId/Jts FMPA==
X-Gm-Message-State: APjAAAWPDWhf98KUVFN5FGHEVbn9ZsS6evNCldZjqde1+txvfvjOu6gF YR7k8kKlUAdljz/8HMSWUMQ=
X-Google-Smtp-Source: APXvYqwY09xhsVf2tXvz5PxFefSjSLcvXXnldQEJr3a3KyfVhhW0wVa2fS4XKP43sV/aSfsegUpMWA==
X-Received: by 2002:a5d:8447:: with SMTP id w7mr13042274ior.197.1562960117875; Fri, 12 Jul 2019 12:35:17 -0700 (PDT)
Received: from [] ([]) by with ESMTPSA id m10sm14192957ioj.75.2019. (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 12 Jul 2019 12:35:17 -0700 (PDT)
From: Bret Jordan <>
Message-Id: <>
Content-Type: multipart/alternative; boundary="Apple-Mail=_90501082-AB5D-4DF4-805A-9DEDFBF6DDA9"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Fri, 12 Jul 2019 13:35:10 -0600
In-Reply-To: <>
Cc: Dominique Lazanski <>,, IETF SecDispatch <>
To: Phillip Hallam-Baker <>
References: <> <> <> <> <>
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <>
Subject: Re: [Secdispatch] [Smart] New Version Notification for draft-lazanski-smart-users-internet-00.txt
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 12 Jul 2019 19:35:24 -0000

As with all things crypto, block-chain, quantum, cloud, and snake-oil, they are not ubiquitously deployable across the entire eco-system of end users, applications, enterprises, and governments.  You say that this can all be fixed in 5-years, I think you are off by an order of magnitude.  

Some organizations are still running Windows XP, some parts of critical infrastructure still have very old soldered in equipment.  Some critical applications and resources needed for regulatory compliance can take months to years to even get patched. What about cost optimized IoT devices that can never run any security software or have no plans of ever being updated?  What about direct to telco connections with 5G enabled devices? We still can not even patch end devices reliability without a risk of bricking them.  

The problem is not just about protecting data base data.  Yes, this is one piece in the entire security pie.  But it is not the only part.  Trying to distill things down to say that it is, gives a false sense of security.  Just like the hyperbole and dogma that if your connection is perfectly encrypted and free from external tracking, it is secure and safe. Threat actors including CDNs and services providers can still compromise the end user, end device, data, and track all of their where about and everything they do.

The attack surface and needs of end users and enterprises are much more extensive than a single point solution.  Yes, I have looked at your proposed Mesh network. It is very neat, and very cool.  I would love to work with you on it.  I see many places it can potentially be used.  But thinking that in 5 years everyone is going to forklift the entire Internet and go with your solution and single solution is not realistic.

This is the problem with the IETF as a whole.  Too few understand day-2-day operational security.  This is one thing that SMART really needs to help with.  We need to start a bunch of discussions and get a bunch of research done to help every aspect of the IETF.  We need to invite people from FIRST and other industry groups to help with this effort.  

Some think that SMART is a tiny amount of work.  But SMART could be one of the most important pieces of work that the IETF / IRTF does in the next 10 years. 

PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."

> On Jul 12, 2019, at 12:40 PM, Phillip Hallam-Baker <> wrote:
> Applied properly, the cloud service never has anything but encrypted data and a pile of random numbers.
> Mesh group encryption is genuinely end to end. There is never plaintext on the server. The server never has sufficient information to decrypt. Assuming only that the random numbers used to split keys are unguessable, the system is information theroretic secure with respect to the requirement for two keys to be used to decrypt.
> There will always be an endpoint vulnerability in that data has to be decrypted to present it to the user, edit it, etc. But reducing the attack surface from every server and every endpoint in the enterprise to the dozen or so endpoints with a need to know the information is powerful.
> I have not considered the ransomware issue in depth because the solution is pretty obvious - take backups, verify the ability to recover at regular intervals. That said, obvious solutions can be very complex to deploy.
> This is actually one of the very few applications that Blockchain or at least the Haber-Stornetta hash chain could help us with. A DARE container is an append only log with optional Merkle Tree integrity checking. So we can do a continuous backup to a write only storage array behind a very very simple and limited firewall that only allows the backup requests through. If the online system is compromized, we recover from the firewalled, write-only array. 
> Getting to that point in the mesh is likely to take five years. But Microsoft owns GitHub. And Git could at least in theory be extended to provide some of this functionality. 
> Alternatively, bring down the BitCoin infrastructure by auditing Tether and the payment infrastrastructure that makes ransomware profitable would be gone.
> On Fri, Jul 12, 2019 at 12:05 PM Bret Jordan < <>> wrote:
> Unfortunately I think you are misunderstanding the attack surface how attacks can work and wrongfully assume how threat actors and intrusions sets operate.  It is not always about exfiltrating your super secret “recipe" as you call it.  So database encryption will not always help you, nor will putting your database on a block chain. Yes, it can reduce the attack surface or exposure of your data under legitimate use. But once the server is compromised, the attacker can simply pull decrypted information from memory. Or can continue to move laterally through the organization and pull the data of endpoints that do have access to the data.  Further, the threat actor may not be interested in exfiltrating the data at all.  But may simply be interested in using your “1980s” crypto as you call it to encrypt your database with their own key.  This attack is commonly called Ransomware. 
> The key point is that you can not patch your way into security.  This is a common misunderstand that many people have outside of operational security.  End points are always weak and highly vulnerable to attack.  It does not matter if they are end user devices, servers, IoT devices, or components soldered in to SCADA systems.
> I would encourage you to look at the MITRE ATT&CK framework to better understand how these attacks work and how threat actors can disrupt, exfiltrate, and destroy a company. 
> We have to realize that the security model has changed since some of these documents were written. Yes, pervasive monitoring of users on the internet is a problem, but it is only 1 piece of a large pie of problems.  We in the IETF need to communicate better with operational security, so that we can design solutions that hollistically help improve security and not make one part better at the huge expense of everything else. 
> Thanks,
> Bret
> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
> "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
>> On Jul 11, 2019, at 7:22 PM, Phillip Hallam-Baker < <>> wrote:
>> It is an interesting read. But I see a very important distinction that needs to be made between compromise of user end points and compromise of server end points.
>> Most breaches that occur are when an enterprise is penetrated and the firewall is the first and last line of defense. So Percy the Pinhead clicks on a link in an email and six hours later the attacker has root privilege on the corporate server. This is not Percy's fault, the fault is that a single mistake by a single employee results in compromise of data Percy was never authorized to access.
>> So right now we have systems where one compromise at any one of 10,000 endpoints results in a breach. 
>> Now lets consider using some 1980s style end to end cryptography. So that the ultra important recipe data is only available to the dozen members of group. This improves matters because we have reduced the points of compromise from 10,000 cooks and service staff to 12 trusted employees.
>> That is a start but we are still vulnerable to a single end point compromise so lets apply threshold cryptography so members of group W only have one half of the decryption key, the other is on the server and both halves of the key are needed to perform decryption. In this scenario, we now require two separate compromises of two different end points.
>> On Wed, Jul 10, 2019 at 11:29 AM Bret Jordan < <>> wrote:
>> Dominique,
>> I have read over your draft, and I think it highlights some very key things we all need to look at and address. Thanks for putting these ideas down on paper.  Hopefully this I-D can help us all start a broader discussion to improve things.
>> SMART / SecDispatch,
>> If you have not yet read this I-D, I would encourage you to look at it.  It is a very fast read. 
>> Thanks,
>> Bret
>> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
>> "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
>>> On Jul 8, 2019, at 12:54 PM, Dominique Lazanski < <>> wrote:
>>> Cross posting to this mailing list.
>>> Dominique 
>>> A new version of I-D, draft-lazanski-smart-users-internet-00.txt
>>> has been successfully submitted by Dominique Lazanski and posted to the
>>> IETF repository.
>>> Name:        draft-lazanski-smart-users-internet
>>> Revision:    00
>>> Title:        An Internet for Users Again
>>> Document date:    2019-07-08
>>> Group:        Individual Submission
>>> Pages:        12
>>> URL:   <>
>>> Status: <>
>>> Htmlized: <>
>>> Htmlized: <>
>>> Abstract:
>>>   RFC 3552 introduces a threat model that does not include endpoint
>>>   security. In the fifteen years since RFC 3552 security issues and
>>>   cyber attacks have increased, especially on the endpoint. This
>>>   document proposes a new approach to Internet cyber security protocol
>>>   development that focuses on the user of the Internet, namely those
>>>   who use the endpoint and are the most vulnerable to attacks. 
>>> -- 
>>> Smart mailing list
>>> <>
>>> <>
>> _______________________________________________
>> Secdispatch mailing list
>> <>
>> <>