On Nov 20, 2013, at 8:24 PM, Ted Lemon <[email protected]> wrote:
> On Nov 20, 2013, at 6:19 PM, joel jaeggli <[email protected]> wrote:
>> bad actor is a value judgement. have no doubt that the intent of
>> surveillance is hostile with respect to the assumptions of the privacy
>> of one's communications.
>
> It's a lot softer to say "we have to treat passive surveillance as an attack
> because there is no way to distinguish between cases where it is and is not
> an attack" than it is to say "passive surveillance is an attack."
Of course you can tell them apart -- simply require the passive surveillant to
set the evil bit in all packets that they touch if it is an attack. If it is
*not* an attack, they simply clear the evil bit. The originating party should
randomly (with a good source of randomness (of course)) set the bit, and track
which packets they did this on. The receiver should track which packets had it
set. They then compare (out of band, and over a secure channel) which packets
had the bit set, and can then determine, with some good probability of
detection, if someone was surveilling their traffic.
I can extend this solution to other layers with an elegant solution involving
checkboxes….
There, I fixed it for you…
W
--
For every complex problem, there is a solution that is simple, neat, and wrong.
-- H. L. Mencken
>
> The document goes to some lengths not to examine the motivation of the
> eavesdropper, so finding a better term than "bad actor" makes sense to me.
>
> _______________________________________________
> perpass mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/perpass
>