Re: [Smart] Draft Charter For SMART Proposed RG

Kirsty P <Kirsty.p@ncsc.gov.uk> Fri, 28 September 2018 11:23 UTC

From: Kirsty P <Kirsty.p@ncsc.gov.uk>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "smart@irtf.org" <smart@irtf.org>
Date: Fri, 28 Sep 2018 11:22:53 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/smart/uieymKLuUoC50Kc-LseUiqHelYo>
List-Id: Stopping Malware And Researching Threats <smart.irtf.org>

Stephen,

Thank you for your comments! Great to hear you think the work here could be interesting.

I hope I can clarify what the proposed RG is about, and get your support. I can reassure you that you are correct in believing what our aims are - we are not trying to weaken the privacy aspect of protocols, and it is not the intention of the RG to propose modifications to IETF protocols - we want cyber defence methods to co-exist alongside encryption, rather than seeking to break or weaken it. Hopefully, as you say, stating this explicitly in our charter will let us investigate these real tensions and challenges without raising any hackles.

The draft charter is still up for discussion, so we can certainly change the phrase "will investigate how cyber attack defence requirements can be met in a world of encrypted data". I know you said you don't much care what words are used, but do you have any thoughts on how to better say what we mean? How does something like "will investigate how cyber attack defence requirements can be met without weakening the protection afforded by encryption" sound to you?

I hope this allays your concerns, and I welcome any further input you (or others) might have.

Kirsty


________________________________
From: Smart <smart-bounces@irtf.org> on behalf of Stephen Farrell <stephen.farrell@cs.tcd.ie>
Sent: 27 September 2018 21:08
To: smart@irtf.org
Subject: Re: [Smart] Draft Charter For SMART Proposed RG


Hiya,

I think there's work here that could be interesting, so
I'd be supportive of what I hope this RG might be about,
but I'm not quite sure...

I would be re-assured if the charter was explicit that
the putative RG is not trying to break or weaken the
security aspects of IETF protocols. I believe that that
is the case - after all the overwhelming majority of
people using the Internet, including those defending
the security of systems, really need those security
features - but given the history, the "in a world of
encrypted data" is the kind of phrase that could raise
hackles, and hackles are better not raised.

I don't much care what words would be used, so long as
it's clear that the putative RG is not setting out to
e.g. upend the IETF's BCPs on these topics.

There are real tensions and challenges created by encrypting
more and better, and in reducing uses of identifiers to be
more privacy-friendly, but IMO successfully investigating
those issues requires being explicit that one is not aiming
to weaken things like e2e security as a feature of Internet
protocols.

Cheers,
S.