Hiya, On 10/28/2013 04:11 PM, Joe St Sauver wrote: > Hi, > > Stephen Farrell <[email protected]> commented: > > #Now that we seem to be getting a bit of a handle on the TLS > #related crypto parts of all this, (which are maybe easier > #or more tractable), I think it'd be timely to see some list > #discussion on traffic analysis before Vancouver. > # > #I'd be interested in any less obvious ways in which IETF > #protocols might be making traffic analysis easier than it > #ought be. And of course in countermeasures, but those are > #maybe quite difficult. > > Just to quickly summarize a few traffic analytic approaches > (e.g., analyses that do not consider the contents of traffic) > at the 10,000 ft level: > [...reasonable text elided...] > > Is that the sort of thing you wanted to begin discussing?
Yep. But not at the 10,000ft level:-) Not quite sure, but I think we might get some benefit at the moment from considering how specific fields in real protocols undermine privacy (e.g. as Christian's draft does with the Received header fields in mail messages) even if/when TLS or other existing security mechanisms are properly used. That's not to say that we should immediately try change all those protocols, since there will likely be (or were once) good reasons why stuff is done as it is, but there may be cases where we find that there are specific concrete things the IETF could be doing and finding those is the goal of our session in Vancouver. S. > > Regards, > > Joe > _______________________________________________ > perpass mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/perpass > > _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
