Interesting arms race you are creating here! Whilst I think the goal is honourable it looks very difficult and expensive to achieve but I do like a challenging problem.
Regards, Neil. > >-------- Original Message -------- >Subject: Fwd: W3C/IAB workshop on Strengthening the Internet Against >Pervasive Monitoring (STRINT) >Date: Thu, 16 Jan 2014 13:33:31 +0000 >From: Christian de Larrinaga <[email protected]> >To: [email protected] <[email protected]> > > > >Please pass this on to interested parties. > >The deadline for this has been extended until Monday 12:00 UTC. >Hope to see some of you there. > >Christian > >-------- Original Message -------- >Subject: W3C/IAB workshop on Strengthening the Internet Against >Pervasive Monitoring (STRINT) >Date: Sun, 1 Dec 2013 10:48:15 -0500 >From: IAB Chair <[email protected]> >Reply-To: [email protected] >To: IETF Announce <[email protected]> >CC: IAB <[email protected]>, IETF <[email protected]> > > > >W3C/IAB workshop on Strengthening the Internet >Against Pervasive Monitoring (STRINT) >====================================== > >Logistics/Dates: > >Submissions due: Jan 15 2014 >Invitations issued: Jan 31 2014 >Workshop Date: Feb 28 (pm) & Mar 1 (am) 2014 > To be Confirmed - could be all day Mar 1 >Location: Central London, UK. IETF Hotel or nearby (TBC) >For queries, contact: [email protected], [email protected] >Send submissions to: [email protected] >Workshop web site: http://www.w3.org/2014/strint/ > >The Vancouver IETF plenary concluded that pervasive monitoring >represents an attack on the Internet, and the IETF has begun to >carry out various of the more obvious actions [1] required to >try to handle this attack. However, there are additional much >more complex questions arising that need further consideration >before any additional concrete plans can be made. > >The W3C and IAB will therefore host a one-day workshop on the >topic of "Strengthening the Internet Against Pervasive >Monitoring" before IETF-89 in London in March 2014, with support >from the EU FP7 STREWS [2] project. > >Pervasive monitoring targets protocol data that we also need for >network manageability and security. This data is captured and >correlated with other data. There is an open problem as to how >to enhance protocols so as to maintain network manageability and >security but still limit data capture and correlation. > >The overall goal of the workshop is to steer IETF and W3C work >so as to be able to improve or "strengthen" the Internet in the >face of pervasive monitoring. A workshop report in the form of >an IAB RFC will be produced after the event. > >Technical questions for the workshop include: > >- What are the pervasive monitoring threat models, and what is > their effect on web and Internet protocol security and privacy? >- What is needed so that web developers can better consider the > pervasive monitoring context? >- How are WebRTC and IoT impacted, and how can they be better > protected? Are other key Internet and web technologies > potentially impacted? >- What gaps exist in current tool sets and operational best > practices that could address some of these potential impacts? >- What trade-offs exist between strengthening measures, (e.g. > more encryption) and performance, operational or network > management issues? >- How do we guard against pervasive monitoring while maintaining > network manageability? >- Can lower layer changes (e.g., to IPv6, LISP, MPLS) or > additions to overlay networks help? >- How realistic is it to not be fingerprintable on the web and > Internet? >- How can W3C, the IETF and the IRTF better deal with new > cryptographic algorithm proposals in future? >- What are the practical benefits and limits of "opportunistic > encryption"? >- Can we deploy end-to-end crypto for email, SIP, the web, all > TCP applications or other applications so that we mitigate > pervasive monitoring usefully? >- How might pervasive monitoring take form or be addressed in > embedded systems or different industrial verticals? >- How do we reconcile caching, proxies and other intermediaries > with end-to-end encryption? >- Can we obfuscate metadata with less overhead than TOR? >- Considering meta-data: are there relevant differences between > protocol artefacts, message sizes and patterns and payloads? > >Position papers (maximum of 5 pages using 10pt font or any >length Internet-Drafts) from academia, industry and others that >focus on the broader picture and that warrant the kind of >extended discussion that a full day workshop offers are the most >welcome. Papers that reflect experience based on running code >and deployed services are also very welcome. Papers that are >proposals for point-solutions are less useful in this context, >and can simply be submitted as Internet-Drafts and discussed on >relevant IETF or W3C lists, e.g. the IETF perpass list. [3] > >The workshop will be by invitation only. Those wishing to attend >should submit a position paper or Internet-Draft. All inputs >submitted and considered relevant will be published on the >workshop web page. The organisers (STREWS project participants, >IAB and W3C staff) will decide whom to invite based on the >submissions received. Sessions will be organized according to >content, and not every accepted submission or invited attendee >will have an opportunity to present as the intent is to foster >discussion and not simply to have a sequence of presentations. > >[1] http://down.dsg.cs.tcd.ie/misc/perpass.txt >[2] http://www.strews.eu/ >[3] https://www.ietf.org/mailman/listinfo/perpass > > >
