hi Stephen, all, One update, inline...
On 19 Aug 2013, at 9:00 , Brian Trammell <[email protected]> wrote: > hi Stephen, all, > > Yeah, sorry for the giant multitopic rant. I'll split this out into a few > threads to continue... > > On Aug 18, 2013, at 11:47 PM, Stephen Farrell <[email protected]> > wrote: > >> >> Hi Brian, >> >> First, thanks for the thoughtful post. You make some good points. >> A few responses below. Might be better to follow up in separate >> mails, since you raise too many interesting points probably:-) >> >> On 08/18/2013 07:45 PM, Brian Trammell wrote: >>> Greetings, all, >>> >>> On the floor of my home directory, there are notes for a paper we >>> never finished called "The Perfect Passive Adversary"; intended as a >>> survey of the state of the network security and measurement >>> literature and practice to explain what is possible if one assumes an >>> adversary which can (1) observe every packet of every communication >>> at every point within a network but (2) does not have access to the >>> endpoints beyond the network interface (i.e. no keyloggers, and no >>> bulk access to user data at a service provider) and (3) cannot >>> influence packet forwarding. It grew to be rather too wide in scope >>> and too paranoid in tone to have a realistic chance at publication, >>> so we dropped it, which in retrospect seems a silly choice. >> >> So publish it! As an I-D even:-) But if you have a version that >> you're happy to share, that'd be great to see. > > I dusted this off and had a look at it last night, and it's in worse shape > than I'd thought as a coherent piece of work. But completing it (to -00 I-D > quality, at least) and publishing an I-D -- especially given the scope of the > conversation on this list -- seems like a great idea. I'll get started. This is now available at http://www.ietf.org/id/draft-trammell-perpass-ppa-00.txt; the current revision works mainly on the definition of the threat model and the justification thereof. There are notes on what's observable and what's inferable and some initial guidance, but mainly the point of this revision is to determine whether we think it's a useful definition of the adversary and a good structure for guidance to take from that definition. On review of RFC 6973, I see it addresses many of the points relevant to the threat posed by pervasive surveillance. The main difference is that its definition of surveillance (section 5.1.1.) makes an assumption that there is a given target of surveillance, which in pervasive surveillance is not necessarily the case: one "advantage" of pervasive surveillance is the ability to select targets after the fact of the communications capture. But in general, surveillance is an attack against privacy, and 6973 presents a very good framework for talking about privacy in a protocol design context. So, if we move forward with this document, I'd like to see it grow as an extension of 6973. Best regards, Brian _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
