Re: [anonsec] Re: potential new IETF WG on anonymous IPSec (fwd from [EMAIL PROTECTED]) (fwd from [EMAIL PROTECTED])

On Fri, 10 Sep 2004, Eugen Leitl wrote: >From: Joe Touch <[EMAIL PROTECTED]> >>To clarify, this is not really "anonymous" in the usual sense. > >It does not authenticate the endpoint's identification, other than "same >place I had been talking to." > That's pseudonymity, not anonymity. >Ther

Re: anonymous IP terminology (Re: [anonsec] Re: potential new IETF WG on anonymous IPSec (fwd from [EMAIL PROTECTED]))

On Sat, Sep 11, 2004 at 11:38:00AM -0700, Joe Touch wrote: > >>Although anonymous access is not the primary goal, it is a feature > >>of the solution. > > > >The access is _not_ anonymous. The originator's IP, ISP call traces, > >phone access records will be all over it and associated audit logs.

Re: potential new IETF WG on anonymous IPSec

Zooko O'Whielcronx wrote: On 2004, Sep 09, , at 16:57, Hal Finney wrote: ... an extension to IPsec to allow for unauthenticated connections. Presently IPsec relies on either pre-shared secrets or a trusted third party CA to authenticate the connection. No. It can also use RSA public keys without e

anonymous IP terminology (Re: [anonsec] Re: potential new IETF WG on anonymous IPSec (fwd from [EMAIL PROTECTED]))

Joe Touch <[EMAIL PROTECTED]> wrote: > >The point has nothing to do with anonymity; > > The last one, agreed. But the primary assumption is that we can avoid a > lot of infrastructure and impediment to deployment by treating an > ongoing conversation as a reason to trust an endpoint, rather than

Re: [anonsec] Re: potential new IETF WG on anonymous IPSec (fwd from hal@finney.org) (fwd from touch@ISI.EDU)

Eugen Leitl <[EMAIL PROTECTED]> writes: >It does not authenticate the endpoint's identification, other than "same place >I had been talking to." So in other words it's the same baby-duck security model that's been quite successfully used by SSH for about a decade, is also used in some SSL impleme

Re: potential new IETF WG on anonymous IPSec

At 12:57 PM 9/9/2004, Hal Finney wrote: > http://www.postel.org/anonsec To clarify, this is not really "anonymous" in the usual sense. Rather it is a proposal to an extension to IPsec to allow for unauthenticated connections. Presently IPsec relies on either pre-shared secrets or a trusted

Re: [anonsec] Re: potential new IETF WG on anonymous IPSec (fwd from hal@finney.org) (fwd from touch@ISI.EDU)

From: Joe Touch <[EMAIL PROTECTED]> Subject: Re: [anonsec] Re: potential new IETF WG on anonymous IPSec (fwd frTo: "Discussions of anonymous Internet security." <[EMAIL PROTECTED]> Date: Fri, 10 Sep 2004 09:03:50 -0700 Reply-To: "Discussions of anonymous Internet security." <[EMAIL PROTECTED]> Cl

Re: Perplexing proof

On Fri, Sep 10, 2004 at 08:23:06AM -0400, R. A. Hettinga wrote: > "[The suggested proof] is rather incomprehensible," professor Marcus du > Sautoy of Oxford University told The Guardian, adding that if correct it > could lead to the creation of a "prime spectrometer" that would bring "the > whole

Re: potential new IETF WG on anonymous IPSec

On 2004, Sep 09, , at 16:57, Hal Finney wrote: To clarify, this is not really "anonymous" in the usual sense. Rather it is a proposal to an extension to IPsec to allow for unauthenticated connections. Presently IPsec relies on either pre-shared secrets or a trusted third party CA to authenticate