Re: Call for a Jasmine Revolution in the IETF: Privacy, Integrity, Obscurity

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/06/2011 12:52 PM, Dean Willis wrote:
> Marc suggested:
>  
> 
>     I any case, may I suggest a Bar BOF in Prague?  Plotting revolutions in
>     coffeehouses is a very old tradition.
> 
>  
> Excellent idea. Perhaps this should be plotted over jasmine tea instead
> of coffee... 
> 
> 
> The point I really want to stress is that we must stop deliberately
> designing privacy, integrity, and obscurity weakness into our protocols,
>  and where we can't avoid weakness we should at least consider its
> implications. We have a real lack of understanding of these issues in
> the community. For example, if Alice and Bob have a communications
> session, IETF has never clued onto the fact that Alice and Bob might
> want intermediary Charlie not jut to be unable to read the data of their
> session, but to not even be able to know that they have one. We might
> not be able to hide the fact that Alice has a session with SOMEBODY from
> her next-door neighbor Allen, or the fact that Bob has a session from
> his next-door neighbor Burt, but even if Allen and Burt are working
> together, we should be able to hide the Alice-Bob relationship.
> 
> What do I mean by not designing weakness into our protocols? I give you
> SIP, for example.  After twelve years of work, I have yet to make a real
> call using the optional "sips" signaling model. Why? It's optional.
> Nobody uses it. Actually, I'm having a hard time using even basic SIP
> any more -- it looks like Google just pulled-the-plug on my telephony
> ISP service, which had been provided by the Gizmo Project. But that's
> another problem.

My very cynical view of this is that if encryption is one day available for
every computer and devices, this will be so the cloud services can hide their
activity siphoning all the privacy information from these devices.

- -- 
Marc Petit-Huguenin
Personal email: marc@xxxxxxxxxxxxxxxxxx
Professional email: petithug@xxxxxxx
Blog: http://blog.marc.petit-huguenin.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk10DhYACgkQ9RoMZyVa61d4cwCgk7G6QZV1s/FFa/DLhk1Y1B9o
fCYAoJiKZuuAo5t8eCnOkqHieCfkL2rL
=XA6v
-----END PGP SIGNATURE-----
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]