Re: [Tcpcrypt] v3 of the charter
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 30 April 2014 21:38 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: tcpcrypt@ietfa.amsl.com
Delivered-To: tcpcrypt@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2AE701A0948 for <tcpcrypt@ietfa.amsl.com>; Wed, 30 Apr 2014 14:38:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.3
X-Spam-Level:
X-Spam-Status: No, score=-1.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, J_CHICKENPOX_14=0.6] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C5-cy2jRN2Jd for <tcpcrypt@ietfa.amsl.com>; Wed, 30 Apr 2014 14:38:39 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by ietfa.amsl.com (Postfix) with ESMTP id 284C21A08B5 for <tcpcrypt@ietf.org>; Wed, 30 Apr 2014 14:38:39 -0700 (PDT)
Received: from [10.70.10.85] (unknown [38.109.115.130]) by che.mayfirst.org (Postfix) with ESMTPSA id 0D1D0F984; Wed, 30 Apr 2014 17:38:36 -0400 (EDT)
Message-ID: <53616D52.3090504@fifthhorseman.net>
Date: Wed, 30 Apr 2014 17:38:26 -0400
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.3.0
MIME-Version: 1.0
To: Joe Touch <touch@isi.edu>, "Eggert, Lars" <lars@netapp.com>, Marcelo Bagnulo <marcelo@it.uc3m.es>
References: <536099A0.30900@it.uc3m.es> <23862F2E-9D56-4651-9202-FC676D15720B@netapp.com> <07C2D017-9342-4742-990C-7D3BC795049F@netapp.com> <536157E1.2060202@fifthhorseman.net> <53615A40.9050903@isi.edu> <536165C6.20909@fifthhorseman.net> <536167CC.8010703@isi.edu> <536168FA.2010800@fifthhorseman.net> <53616AD4.6010309@isi.edu>
In-Reply-To: <53616AD4.6010309@isi.edu>
X-Enigmail-Version: 1.6+git0.20140323
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="1QkFGLVSebOnR0PMMf3o564r3Go71efQC"
Archived-At: http://mailarchive.ietf.org/arch/msg/tcpcrypt/l4VycID6k8K2aY-ZJloJOnh7jR0
Cc: "tcpcrypt@ietf.org" <tcpcrypt@ietf.org>
Subject: Re: [Tcpcrypt] v3 of the charter
X-BeenThere: tcpcrypt@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussion list for adding encryption to TCP." <tcpcrypt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpcrypt>, <mailto:tcpcrypt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpcrypt/>
List-Post: <mailto:tcpcrypt@ietf.org>
List-Help: <mailto:tcpcrypt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpcrypt>, <mailto:tcpcrypt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Apr 2014 21:38:40 -0000
On 04/30/2014 05:27 PM, Joe Touch wrote: > On 4/30/2014 2:19 PM, Daniel Kahn Gillmor wrote: >> I know they're both clients in this sense; we're discussing >> fingerprinting. the charter text makes it clear that we want to be able >> to avoid fingerprinting for the client, but not the server, since the >> server presumably has some form of persistent identity, or else the >> client wouldn't be able to connect to it in the first place. >> >> That's the context in which i think we need to see TCP simultaneous open >> as a server -- i don't think we need to worry about protecting >> fingerprinting by the peer for either simultaneous open peer, since each >> peer already has some information about the other. > > It'd be optimal if this wasn't useful for fingerprinting either client > or server. Even if you know the server's IP and port, that's all you > ought to know, and all that needs to persist during the lifetime of a > particular connection. > > So why not just require anti-fingerprinting in general, and not focus on > who initiated the connection? If i connect to the same server and port multiple times (or multiple IP/port pairs, based on e.g. an SRV round-robin), i'm presumably doing so because i know something about the service i'm trying to contact already. This persistence of identity is already in place, simply because i'm making the same attempted connection; i'm not sure that non-fingerprintability of services in this way is particularly meaningful. It sounds like you might also be concerned about the case where a client opens two connections to <IP Address A,Port P>, and <IP Address B,Port Q>, which both happen to be operated by the same server; and we want the server to be able to avoid leaking the information that it is the same machine operating both services; is that right? I'd be happy to see that case covered by TCP Inc. If you think we can simplify the charter by making it talk about non-fingerprintability of peers in general and get it to cover this case, and avoid client/server wording that people find objectionable, that'd be fine with me. >> (that said, i'm not sure how simultaneous open will work in whatever >> spec we work out; maybe it turns out we have to be willing to sacrifice >> simultaneous open in order to use tcp inc?) > > It should revert to conventional TCP and thus support simultaneous open > in that case. I think we might be saying the same thing here -- if it turns out that TCP Inc can't be done with simultaneous open, then you have to sacrifice one feature or the other. --dkg
- Re: [Tcpcrypt] v3 of the charter David Mazieres
- Re: [Tcpcrypt] v3 of the charter Daniel Kahn Gillmor
- Re: [Tcpcrypt] v3 of the charter Joe Touch
- Re: [Tcpcrypt] v3 of the charter Joe Touch
- Re: [Tcpcrypt] v3 of the charter Daniel Kahn Gillmor
- Re: [Tcpcrypt] v3 of the charter Joe Touch
- [Tcpcrypt] v3 of the charter marcelo bagnulo braun
- Re: [Tcpcrypt] v3 of the charter Eggert, Lars
- Re: [Tcpcrypt] v3 of the charter Eggert, Lars
- Re: [Tcpcrypt] v3 of the charter marcelo bagnulo braun
- Re: [Tcpcrypt] v3 of the charter Eggert, Lars
- Re: [Tcpcrypt] v3 of the charter Stephen Farrell
- Re: [Tcpcrypt] v3 of the charter marcelo bagnulo braun
- Re: [Tcpcrypt] v3 of the charter Daniel Kahn Gillmor
- Re: [Tcpcrypt] v3 of the charter Joe Touch
- Re: [Tcpcrypt] v3 of the charter Daniel Kahn Gillmor
- Re: [Tcpcrypt] v3 of the charter Joe Touch
- Re: [Tcpcrypt] v3 of the charter Daniel Kahn Gillmor
- Re: [Tcpcrypt] v3 of the charter Daniel Kahn Gillmor
- Re: [Tcpcrypt] v3 of the charter Joe Touch
- Re: [Tcpcrypt] v3 of the charter ianG
- Re: [Tcpcrypt] v3 of the charter Joe Touch
- Re: [Tcpcrypt] v3 of the charter Tony Arcieri
- Re: [Tcpcrypt] v3 of the charter Joe Touch
- Re: [Tcpcrypt] v3 of the charter Tony Arcieri
- Re: [Tcpcrypt] v3 of the charter Joe Touch
- Re: [Tcpcrypt] v3 of the charter marcelo bagnulo braun
- Re: [Tcpcrypt] v3 of the charter David Mazieres
- Re: [Tcpcrypt] v3 of the charter marcelo bagnulo braun
- Re: [Tcpcrypt] v3 of the charter Joe Touch
- Re: [Tcpcrypt] v3 of the charter ianG
- Re: [Tcpcrypt] v3 of the charter Daniel Kahn Gillmor
- Re: [Tcpcrypt] v3 of the charter Christian Huitema
- Re: [Tcpcrypt] v3 of the charter marcelo bagnulo braun
- Re: [Tcpcrypt] v3 of the charter Erik Nygren
- Re: [Tcpcrypt] v3 of the charter David Mazieres