Re: [VIPR] VIPR privacy issue

Dean Willis <dean.willis@softarmor.com> Thu, 26 January 2012 21:28 UTC

On Jan 26, 2012, at 10:40 AM, Richard L. Barnes wrote:
> 
> 
> Like I said, the mitigation here is the same as any situation where you want to hide your IP address: Send packets from a different network.


So we should run a great big VPN in order to run RELOAD in order to run ViPR?

Great! Now all we need is a peer-to-peer VPN capable of obscuring the IP addresses being used.

I'm trying to imagine just how badly the universe would break if one tried to run RELOAD over TOR. I don't think I have that good an imagination, because scenes from the movie "2012" pale by comparison, and I'm sure the real situation would be far worse than what I imagine.

But this does all come back to why I haven't been able to convince myself of the real-world utility of ViPR. We're layering vast complexity onto what is basically a distributed trust-anchor problem, where the easiest thing to do in the real world is to have a centralized anchor (which might itself refer to the PSTN basis anchor).

How about an alt-root DDNS/ENUM server that itself uses PSTN reachability to verify registrations submitted via DDNS?


--
Dean