Hiya, On 23/08/14 22:05, Bernard Aboba wrote: > Stephen Farrell: >> However, say we're wrong and someone who thinks OS is a waste of >> time is actually correct, what would such a person recommend that >> we do as well as, or instead of, OS? > > [BA] It depends on who we are trying to protect, and from what (or > whom). Sure. > If the target is protection of dissidents from oppressive > regimes, then you need something much more comprehensive than > 'unauthenticated opportunistic encryption" (e.g. along the lines of > Tor). Right. That's a hard target and involves far more than crypto, whether OS or not. One thing clearly involved there is that traffic analysis is a threat, and I'd fully accept that we should be thinking about ways in which we could make our protocols better against that in general, even if we're not tackling the specific problems of dissidents. For example, if my toilet emits packets with every flush, encryption of any sort isn't going to disguise that so traffic analysis will also be relevant for the Internet-of-Toilets. > If the target is protection against PM within wealthy nations, > then you'd need something that can't be rendered harmless by a modest > budget increase. A number of MITM protection mechanisms have been > suggested (e.g. DANE, channel binding, etc.). But isn't that what the IETF and security folks within the IETF have been aiming for for a couple of decades? I mean aiming for an end-state where we have mutual-auth more-or-less everywhere. I don't consider that we've succeeded wildly to be honest;-) What should we be doing differently is really my question. > Also, in this category > should be mechanisms for protecting privacy against private-sector > adversaries. As long as private companies can amass huge dociers > without resort to PM (or without the need to subvert OS), and are > willing to sell that personal information to third parties (dodgy > ones, let alone governments), one wonders whether government > agencies would make better use of their funds by "buying" > surveillance, rather than trying to "build" it. As it happens we had some discussion about e2e email security in Toronto. Current plan is to start a new mailing list for that - a bunch of us are chatting about how to scope that so we're less likely to mess up. (More on that next week I hope.) Now email is of course just one application (though a cornerstone application). Which other applications/mechanisms should we be considering that'd help here? FWIW, I'm very open to us trying to help anywhere we could credibly do that. (Credibility requiring that stuff be technically doable, be something that should be done in the IETF and have enough warm bodies interested in doing work.) Cheers, S. PS: If you or someone has a specific suggestion for a thing on which we should be working, then maybe these lists are too broad for detailed discussion of that. In such cases, the perpass@xxxxxxxx list is probably a good place to triage whether a topic is one we should try pursue in the IETF.