On Tue, Sep 10, 2013 at 09:43:39PM +0300, Hannes Tschofenig wrote:
> 
> > 1) Everything SHOULD be encrypted, unless there is an absolute
> operational requirement not to. This means "encryption by default"
> in new protocols, and not even specifying unencrypted operations
> modes unless necessary....
> 
> I guess there are two issues here, namely:
> 
>  * End-to-end vs. Hop-by-hop (or stuff in between)
> 
>  * Encryption itself is often not the problem but rather the key management

Also, perfect forward secrecy (PFS) versus non-PFS.  If we are going
to make encryption a SHOULD or a MUST, so should be PFS.  Even if the
key management is a problem, or worse, let's suppose the NSA has the
private keys for a number of the major CA's, if everything is using
PFS, then an attacker who is interested in doing bulk surveillance
will have to MITM all of the traffic.  That will take a large amount
of power and cooling, so it becomes a lot more expensive to do bulk
surveillance, and it will also be much, MUCH harder to do it covertly
(you can't just hide a box in a telephone closet somewhere; but rather
racks and racks of servers at Tier 1 NAP's will be required).

Of course, there will be some things where encryption is simply not
needed, but data integrity is needed.  Example: time (NTP) and
routing protocols.  So we need to be careful how we specify MUST.  :-)

                                      - Ted
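Ted's argument about PFS, as an added illustration that is not part of the thread: a toy Python model of a static-DH (non-PFS) handshake next to an ephemeral-DH (PFS) one, showing that a transcript captured by a passive tap can be decrypted offline with the server's long-term private key only in the non-PFS mode. The group, the stream cipher and all values are constructed for illustration and are not usable as real cryptography.

```python
import hashlib
import secrets

# Toy DH group: the Mersenne prime 2^127 - 1 with generator 2. Constructed for
# illustration only; real deployments use RFC 3526 MODP groups or elliptic curves.
P = (1 << 127) - 1
G = 2

def keystream_xor(shared: int, data: bytes) -> bytes:
    """Toy stream cipher: XOR data with a SHA-256 keystream keyed by the DH secret."""
    key = hashlib.sha256(shared.to_bytes(16, "big")).digest()
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def run_session(server_longterm_priv: int, plaintext: bytes, pfs: bool) -> dict:
    """Run one client/server key agreement and return what a passive tap records."""
    client_priv = secrets.randbelow(P - 2) + 1
    client_pub = pow(G, client_priv, P)
    if pfs:
        # Ephemeral DH: a fresh server exponent per session; the long-term key
        # would only sign server_pub, so it never protects the session secret.
        server_priv = secrets.randbelow(P - 2) + 1
    else:
        # Static DH (non-PFS): the long-term private value is the key-agreement
        # exponent itself, so every session secret depends on it.
        server_priv = server_longterm_priv
    server_pub = pow(G, server_priv, P)
    shared = pow(client_pub, server_priv, P)
    return {"client_pub": client_pub, "server_pub": server_pub,
            "ciphertext": keystream_xor(shared, plaintext)}

def bulk_decrypt(transcript: dict, server_longterm_priv: int) -> bytes:
    """Passive collector that later obtains the server's long-term private key."""
    guessed_shared = pow(transcript["client_pub"], server_longterm_priv, P)
    return keystream_xor(guessed_shared, transcript["ciphertext"])

if __name__ == "__main__":
    longterm = secrets.randbelow(P - 2) + 1
    msg = b"constructed sample: session contents"  # constructed plaintext
    for pfs in (False, True):
        recovered = bulk_decrypt(run_session(longterm, msg, pfs), longterm) == msg
        print(f"pfs={pfs}: offline decryption with the long-term key "
              f"{'succeeds' if recovered else 'fails'}")
```

With PFS the collector gets nothing back from stored traffic and must instead be in the path at session time, which is the cost increase the message describes.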
_______________________________________________
perpass mailing list
https://www.ietf.org/mailman/listinfo/perpass