Re: [saag] Adept Encryption: Was: DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: ietf@xxxxxxxx, saag <saag@xxxxxxxx>
Subject: Re: [saag] Adept Encryption: Was: DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)
From: Stephen Kent <kent@xxxxxxx>
Date: Fri, 22 Aug 2014 15:51:32 -0400
Archived-at: http://mailarchive.ietf.org/arch/msg/ietf/jw04pTpSv9RFTMBhAXntjPNx8lk
Delivered-to: ietf@xxxxxxxxxxxxxx
In-reply-to: <CAK3OfOgZzoXVnrE8Nbs6mwN2xD_snbzH9jT8TsYOVt8UASahYQ@mail.gmail.com>
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0

Nico,

On Fri, Aug 22, 2014 at 12:25 AM,  <l.wood@xxxxxxxxxxxx> wrote:

Okay, so with opportunistic security, all a man in the middle has to do is block any communications he can't decrypt, and it automatically downgrades to select something he can break?

Ah, there's the opportunity. Got it.

Eh?  The idea is to be downgrade resistant.

Nico

It's nice if the OS mechanism is downgrade resistant, but that is notrequired by

the current set of design principles.

Steve

References:
- Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)
  - From: Phillip Hallam-Baker
- Re: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)
  - From: Paul Wouters
- Re: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)
  - From: Stephen Farrell
- Re: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)
  - From: Dave Crocker
- Re: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)
  - From: Stephen Farrell
- Re: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)
  - From: Phillip Hallam-Baker
- Re: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)
  - From: Viktor Dukhovni
- RE: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)
  - From: l.wood
- Re: [saag] Adept Encryption: Was: DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)
  - From: Nico Williams

Prev by Date: Re: [saag] : Review of: Opportunistic Security -03 preview for comment
Next by Date: Re: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)
Previous by thread: Re: [saag] Is opportunistic unauthenticated encryption a waste of time?
Next by thread: RE: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)
Index(es):
- Date
- Thread

[Index of Archives] [IETF Annoucements] [IETF] [IP Storage] [Yosemite News] [Linux SCTP] [Linux Newbies] [Fedora Users]