On 7 nov 2013, at 18:07, Dean Willis <[email protected]> wrote:
> > On Nov 7, 2013, at 8:55 AM, Benjamin Kaduk <[email protected]> wrote: >> >> However, I fear that the knowledge we gain may be more limited that we would >> like. In particular, I fear that NSLs or similar things will come with gag >> orders so strong that the company's counsel will not be able to use >> knowledge of them to alter company policy, or even that the gag will prevent >> the engineer being served from contacting the company's counsel. There are >> probably technical measures which could help a little, such as requiring >> multiple persons to authenticate certain classes of operations, though I >> suspect those are out of scope for IETF protocol work. > > > I don’t disagree. That’s why we need best practices for: > > 1) end to end application-level (TLS, DTLS, etc.) > 2) IP node to IP node (IP peer level; application level like HTTPS, IPSEC > transport, or opportunistic tcpcrypt and/or BTN) > 3) IP domain to IP domain (VPN; IPSEC tunnel) > 4) MPLS-to-MPLS (and similar sub-IP overlays) > 5) physical link (fiber drivers, WPA, etc.) > > encryptions and authentications all at the same time. Layers in a tasty > birthday cake. If you’ve been subject to US junk food adverts, think of it > like Lay’s potato chips. You can’t eat just one. Another motto: No eggshells. > > They’re going to hit the weak spot. We want the weak spot to require a whole > stack of subpoenas and a whole lot of informed consent. Compliance with the > law is required; our goal is to make sure the law is also complied with by > the the attackers. > > And we don’t think that GCHQ is going to be able to get a subpoena directly > in the US, or vice versa, so the game of using foreign agents to spy on > domestic assets (and trade data with each other) will get mostly shut down. > > Sure, "they" might pass a law that says end-user encryption is illegal. We > want them to have to pass that law, and have the public discourse needed to > pass such a law in a democracy. Of course, rogue states are going to do > whatever they’re going to do, but we can certainly reduce how much of it they > do to other states. > > This is not a “resistance” thing; it’s a "civil-defense" thing. If one > state’s or one enterprise’s infosec is appallingly weak, other actors are > going to take advantage of that weakness. If one nation’s or enterprise’s IT > products have weak infosec as a matter of policy, that nation or enterprise > is going to be very disadvantaged in external sales of those products. Our > task is to set the bar sufficiently high without breaking the bank in the > process. We must also remember that said bar is going to keep moving at the > pace of Moore’s law. Adequate security in 1990 is not adequate security in > 2013, and so on. +1 /M _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
