Joe,
...
I did.
To repeat in summary, the charter mandates a TCP solution based on
deployability to address pervasive monitoring. However:
- unauthenticated anything protects against only shared-media
monitoring. the kind of pervasive monitoring I believe motivated
the BCP is at firewalls or routers on-path, and those can
easily act as MITM
I think the Snowden disclosures suggested physicalz layer passive
wiretaps were a
common form of PM. Such wiretaps might be purely passive, to avoid
detection, and
this not capable of MiTM attacks.
so any unauthenticated approach is likely not to suffice to
address the BCP that is the primary motivation of this work
I don't get that sense from reading the BCP. Even though Viktor and I
disagree about
many details of his draft on opportunistic security, we are in agreement
that increasing
use of encryption, even without authentication, is the primary
motivation for OS, consistent
with the BCP.
...
- there is no reason that a TCP layer solution is appropriate
if we're concerned about monitoring
huh?
In fact, the charter starts from a position of wanting to protect
traffic from monitoring, but jumps to the conclusion that a TCP
solution is needed. What fraction of TCP traffic isn't already
protected from monitoring by TLS, and what fraction is TCP of the
total traffic potentially being monitored?
I assume the charter narrowly focuses on TCP because of the source of
the charter, and the fact
that other WGs are already addressing solutions that are no based on TCP.
Steve
_______________________________________________
Tcpinc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tcpinc
