Re: [Spud] [Privsec-program] Detecting and Defeating TCP/IP Hypercookie Attacks

Stephen Farrell <> Sun, 31 July 2016 16:13 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id C7CA112D1C8 for <>; Sun, 31 Jul 2016 09:13:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -5.588
X-Spam-Status: No, score=-5.588 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.287, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id TM5TplValBen for <>; Sun, 31 Jul 2016 09:13:09 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9488112D1D2 for <>; Sun, 31 Jul 2016 09:13:09 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 4FF0ABE49; Sun, 31 Jul 2016 17:13:08 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id tSjM74A6Go2z; Sun, 31 Jul 2016 17:13:07 +0100 (IST)
Received: from [] ( []) by (Postfix) with ESMTPSA id 608CBBE56; Sun, 31 Jul 2016 17:13:06 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;; s=mail; t=1469981586; bh=mCkb0HzM/c0tV8LLmg+iMwFDEVhOf3c0FO8QygDTwMQ=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=z4HXKsZkMyn/PViYrtg8CtUe9QnyDu2HgnE7brYqoYlxRNr/R5qucsIyqAE4nhjXh mTAkbpqoWdwK/AUNpFPtBG++hUPHQ07xRtpT3KwXkj4vhTFqRTib0Xh1ka9oQIu4ni nRkMB+JlGk5rBZyBs71O8Xq9w06ausZVHbedtsD0=
To: Eliot Lear <>, =?UTF-8?Q?Mirja_K=c3=bchlewind?= <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <>
From: Stephen Farrell <>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <>
Date: Sun, 31 Jul 2016 17:13:05 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="iBQQ5vLktKrPDsN9pePanVn58b08XxsCf"
Archived-At: <>
Cc: Brian Trammell <>,, spud <>
Subject: Re: [Spud] [Privsec-program] Detecting and Defeating TCP/IP Hypercookie Attacks
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Session Protocol Underneath Datagrams <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 31 Jul 2016 16:13:12 -0000


On 31/07/16 17:04, Eliot Lear wrote:
> Hi,
> On 7/31/16 4:05 PM, Stephen Farrell wrote:
>> - I am unconvinced that "giving up" some privacy in the manner
>>   envisaged will lead to an overall privacy benefit. I very much
>>   fear that opposite - that any extensible mechanism will give up
>>   so much privacy so as to render much higher layer confidentiality
>>   moot.
> This is the problem with this discussion.  You fear giving up privacy. 
> There is no protocol to assuage your fears.  Mirja has said that they
> didn't want to propose a protocol, presumably out of appearing to
> present a fait accomplit, and round and round we go.  I propose the
> following:
> Someone show bits, and then let's see if your concerns are borne out or
> assuaged.  This argument is too abstract.

Well yes and no. Yes, I can't see how to assuage the fears of
those with privacy concerns without at least a straw-man. So
the proponent's choice to not provide even that does make the
discussion more abstract and less likely to conclude.

But no, the proponents of the PLUS BoF suggested a charter
that explicitly stated that the solution needed an IANA registry
for extensibility and even specified an update rule for that
putative registry.

I am wholly convinced such a registry with any set of 5226
rules is an error and bad to very bad for privacy. See all the
times I've said "over 18" and similar. I don't think I need to
know more about the on the wire framing of those codepoints
(official or squatted-upon) to reach my conclusion.

Whether a protocol without any extensibility or with some other
extensibility mechanism would be ok or not is not something
about which I've expressed an opinion so far. (Well, at least
I've tried to be neutral, but I fully admit that sometimes what
I try write as neutral, folks read as opinionated;-)


> Eliot
> _______________________________________________
> Privsec-program mailing list