On 16 September 2020 22:38:38 CEST, Randy Bush <ra...@psg.com> wrote:
>> Privacy != encryption.
>
>cleartext == privacy * 0
>
>cleartext * complexity == privacy * 0

False. Cleartext and privacy are two different things which are not mutually 
exclusive. Information can be in plaintext and private, it can also be 
encrypted and not private.

Consider multiple devices connected to a single customer instance (A) on an 
MPLS L2 VPN provider's network, consisting of a single VLAN/broadcast domain: 
all the connected devices are able to send information to each other, and they 
can receive the information sent to other devices not intended for themselves. Any 
device, for example, can send a gratuitous ARP, update the control plane of the 
switch and pull traffic towards itself and have visibility of all the 
conversation on the VLAN/broadcast domain. Even if the conversations are 
encrypted, meaning no plaintext, which you seem to suggest means privacy, this 
receiving device sees all the conversations which take place, when they are 
taking place, between whom, for how long, how often, and so on. Encryption 
hasn't provided privacy if someone can see all that information.

Now consider a second customer (B) connected to a separate customer instance on 
the same L2 VPN provider network. Customer A can send any traffic they like and 
they can listen all day until the cows come home; they will never be able to 
send traffic to a customer B device in a separate L2 VPN instance, and they 
will never receive any traffic from a customer B device, they can't even see 
that customer B exists, if they are having any conversations, when, for how 
long etc, nothing.

That is privacy, which is completely different to plaintext and ciphertext.

Cheers,
James
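
The distinction drawn in this message, as an added example that is not part of the original post: a small model of what an observer inside one L2 VPN instance can summarise from frame headers and timing alone. The frame records, host names and the `visible_to` and `conversation_metadata` helpers are constructed for illustration, and the observer is assumed to already receive every frame in its own broadcast domain.

```python
from collections import defaultdict

# Constructed sample: (time_s, instance, src, dst, length) per frame on the wire.
# Payloads are assumed encrypted and are never inspected; only headers and
# timing are used.
FRAMES = [
    (0.0, "A", "a1", "a2", 1400),
    (0.5, "A", "a1", "a2", 1400),
    (2.0, "A", "a2", "a1", 200),
    (10.0, "A", "a3", "a1", 90),
    (1.0, "B", "b1", "b2", 1400),
    (4.0, "B", "b2", "b1", 600),
]


def visible_to(observer_instance, frames):
    """Frames an observer can receive: only those in its own L2 VPN instance."""
    return [f for f in frames if f[1] == observer_instance]


def conversation_metadata(frames):
    """Summarise who talked to whom, when, for how long and how often."""
    stats = defaultdict(
        lambda: {"frames": 0, "bytes": 0, "first": None, "last": None}
    )
    for t, _instance, src, dst, length in frames:
        pair = tuple(sorted((src, dst)))  # both directions form one conversation
        s = stats[pair]
        s["frames"] += 1
        s["bytes"] += length
        s["first"] = t if s["first"] is None else min(s["first"], t)
        s["last"] = t if s["last"] is None else max(s["last"], t)
    return {p: dict(s, duration=s["last"] - s["first"]) for p, s in stats.items()}


if __name__ == "__main__":
    # An observer in instance A: full conversation metadata for A, nothing for B.
    for pair, summary in sorted(
        conversation_metadata(visible_to("A", FRAMES)).items()
    ):
        print(pair, summary)
```

Encrypting the payloads changes none of these results, while moving a host into a separate instance removes it from the observer's view entirely.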
