
From nobody Mon Aug 18 06:15:53 2014
Return-Path: <bortzmeyer@nic.fr>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3AC341A0323 for <perpass@ietfa.amsl.com>; Mon, 18 Aug 2014 06:15:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.818
X-Spam-Level: 
X-Spam-Status: No, score=-0.818 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, HELO_EQ_FR=0.35, RP_MATCHES_RCVD=-0.668] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id op0I4GeHRZRO for <perpass@ietfa.amsl.com>; Mon, 18 Aug 2014 06:15:45 -0700 (PDT)
Received: from mx4.nic.fr (mx4.nic.fr [IPv6:2001:67c:2218:2::4:12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 965B91A0313 for <perpass@ietf.org>; Mon, 18 Aug 2014 06:15:45 -0700 (PDT)
Received: from mx4.nic.fr (localhost [127.0.0.1]) by mx4.nic.fr (Postfix) with SMTP id 09E14280266; Mon, 18 Aug 2014 15:15:43 +0200 (CEST)
Received: from relay1.nic.fr (relay1.nic.fr [192.134.4.162]) by mx4.nic.fr (Postfix) with ESMTP id 0524D28010A; Mon, 18 Aug 2014 15:15:43 +0200 (CEST)
Received: from bortzmeyer.nic.fr (unknown [IPv6:2001:67c:1348:7::86:133]) by relay1.nic.fr (Postfix) with ESMTP id F24F64C0089; Mon, 18 Aug 2014 15:15:12 +0200 (CEST)
Date: Mon, 18 Aug 2014 15:15:12 +0200
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: draft-kirsch-ietf-tcp-stealth@tools.ietf.org
Message-ID: <20140818131512.GA26987@nic.fr>
References: <20140815064106.17646.23281.idtracker@ietfa.amsl.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20140815064106.17646.23281.idtracker@ietfa.amsl.com>
X-Operating-System: Debian GNU/Linux jessie/sid
X-Kernel: Linux 3.14-1-686-pae i686
Organization: NIC France
X-URL: http://www.nic.fr/
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/D4th-cjIdhVr2gFhuCe0FEIIgN4
Cc: perpass@ietf.org
Subject: [perpass] TCP Stealth (Was: I-D Action: draft-kirsch-ietf-tcp-stealth-00.txt
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Aug 2014 13:15:51 -0000

[The I-D does not indicate, apparently, a mailing list for discussion
of the idea. Trying on perpass. Suggestions of a better venue are
welcome.]

On Thu, Aug 14, 2014 at 11:41:06PM -0700,
 internet-drafts@ietf.org <internet-drafts@ietf.org> wrote 
 a message of 49 lines which said:

>         Title           : TCP Stealth
>         Authors         : Julian Kirsch
>                           Christian Grothoff
>                           Jacob Appelbaum
>                           Holger Kenn
> 	Filename        : draft-kirsch-ietf-tcp-stealth-00.txt

IMHO, very good idea for an important problem. I would like this
work to move forward (an independent RFC with status Experimental,
maybe?)

A few suggestions/remarks:

* Maybe a remark about the fact that it is intended for small groups
(the use of a shared secret limits the scalability).

* "If the token is incorrect, the operating system pretends that the
port is closed." If the port is closed, the server will reply with a
RST. Not very stealth. You meant "If the token is incorrect, the
operating system won't reply at all"?

* Maybe a security analysis comparing it to port knocking? If I'm
correct, TCP stealth provides min(32, N) bits of secret (32 being the
size of the ISN and N the number of bits in the shared secret) while
port knocking provides 16*N bits (N being the number of ports to
knock).

* Maybe a mention of SPA <http://www.cipherdyne.org/fwknop/>, which
is closer to TCP Stealth than port knocking? (The biggest difference
is that SPA is not stealth; Eve knows you're using SPA.)

* Why MD5? I assume that TCP Stealth has no cryptographic agility
since there is no room to indicate the crypto algorithm (while staying
stealth) but why MD5, despite RFC 6151?

* "6. Integraton with Applications" should be Integration


From nobody Mon Aug 18 06:20:20 2014
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A51E71A0343 for <perpass@ietfa.amsl.com>; Mon, 18 Aug 2014 06:20:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.568
X-Spam-Level: 
X-Spam-Status: No, score=-2.568 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.668] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wmfejZmxEbGw for <perpass@ietfa.amsl.com>; Mon, 18 Aug 2014 06:20:17 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id 709571A0313 for <perpass@ietf.org>; Mon, 18 Aug 2014 06:20:17 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 5151ABE01; Mon, 18 Aug 2014 14:20:16 +0100 (IST)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C6ubI0Oz62ek; Mon, 18 Aug 2014 14:20:16 +0100 (IST)
Received: from [134.226.36.180] (stephen-think.dsg.cs.tcd.ie [134.226.36.180]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 2E6F0BDFD; Mon, 18 Aug 2014 14:20:16 +0100 (IST)
Message-ID: <53F1FD90.6000706@cs.tcd.ie>
Date: Mon, 18 Aug 2014 14:20:16 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.0
MIME-Version: 1.0
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>,  draft-kirsch-ietf-tcp-stealth@tools.ietf.org
References: <20140815064106.17646.23281.idtracker@ietfa.amsl.com> <20140818131512.GA26987@nic.fr>
In-Reply-To: <20140818131512.GA26987@nic.fr>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/HusHO5aJ3n-hfCX6ntHUkJQTxnA
Cc: perpass@ietf.org
Subject: Re: [perpass] TCP Stealth (Was: I-D Action: draft-kirsch-ietf-tcp-stealth-00.txt
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Aug 2014 13:20:19 -0000

Hiya,

This list would be ok I guess though a thread has been
started on tcpinc and tcpm. I suspect that tcpm is
probably the best overall, as it's there where the folks
who'd be best able to comment would be found I think.

S.


On 18/08/14 14:15, Stephane Bortzmeyer wrote:
> [The I-D does not indicate, apparently, a mailing list for discussion
> of the idea. Trying on perpass. Suggestions of a better venue are
> welcome.]
> 
> On Thu, Aug 14, 2014 at 11:41:06PM -0700,
>  internet-drafts@ietf.org <internet-drafts@ietf.org> wrote 
>  a message of 49 lines which said:
> 
>>         Title           : TCP Stealth
>>         Authors         : Julian Kirsch
>>                           Christian Grothoff
>>                           Jacob Appelbaum
>>                           Holger Kenn
>> 	Filename        : draft-kirsch-ietf-tcp-stealth-00.txt
> 
> IMHO, very good idea for an important problem. I would like this
> work to move forward (an independent RFC with status Experimental,
> maybe?)
> 
> A few suggestions/remarks:
> 
> * Maybe a remark about the fact that it is intended for small groups
> (the use of a shared secret limits the scalability).
> 
> * "If the token is incorrect, the operating system pretends that the
> port is closed." If the port is closed, the server will reply with a
> RST. Not very stealth. You meant "If the token is incorrect, the
> operating system won't reply at all"?
> 
> * Maybe a security analysis comparing it to port knocking? If I'm
> correct, TCP stealth provides min(32, N) bits of secret (32 being the
> size of the ISN and N the number of bits in the shared secret) while
> port knocking provides 16*N bits (N being the number of ports to
> knock).
> 
> * Maybe a mention of SPA <http://www.cipherdyne.org/fwknop/>, which
> is closer to TCP Stealth than port knocking? (The biggest difference
> is that SPA is not stealth; Eve knows you're using SPA.)
> 
> * Why MD5? I assume that TCP Stealth has no cryptographic agility
> since there is no room to indicate the crypto algorithm (while staying
> stealth) but why MD5, despite RFC 6151?
> 
> * "6. Integraton with Applications" should be Integration
> 
> _______________________________________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/listinfo/perpass
> 
> 


From nobody Mon Aug 18 06:50:17 2014
Return-Path: <grothoff@gnunet.org>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B418A1A0380 for <perpass@ietfa.amsl.com>; Mon, 18 Aug 2014 06:49:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.85
X-Spam-Level: 
X-Spam-Status: No, score=-3.85 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S05kjTRkmzl0 for <perpass@ietfa.amsl.com>; Mon, 18 Aug 2014 06:49:16 -0700 (PDT)
Received: from smtp1.informatik.tu-muenchen.de (mail-out1.informatik.tu-muenchen.de [131.159.0.8]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9865C1A036E for <perpass@ietf.org>; Mon, 18 Aug 2014 06:49:16 -0700 (PDT)
Received: from [192.168.178.20] (pd95c0f92.dip0.t-ipconnect.de [217.92.15.146]) by mail.net.in.tum.de (Postfix) with ESMTPSA id 741171A39982; Mon, 18 Aug 2014 15:49:13 +0200 (CEST)
Message-ID: <53F2045B.3090602@gnunet.org>
Date: Mon, 18 Aug 2014 15:49:15 +0200
From: Christian Grothoff <grothoff@gnunet.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.7.0
MIME-Version: 1.0
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>,  draft-kirsch-ietf-tcp-stealth@tools.ietf.org
References: <20140815064106.17646.23281.idtracker@ietfa.amsl.com> <20140818131512.GA26987@nic.fr>
In-Reply-To: <20140818131512.GA26987@nic.fr>
X-Enigmail-Version: 1.6
Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="N9S9QesHObUQF42no66Gd1ELT505VBAXa"
Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/xApg2fO-ij0MSOfuEb37NsXO7Do
X-Mailman-Approved-At: Mon, 18 Aug 2014 06:50:15 -0700
Cc: perpass@ietf.org
Subject: Re: [perpass] TCP Stealth (Was: I-D Action: draft-kirsch-ietf-tcp-stealth-00.txt
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Aug 2014 13:49:18 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--N9S9QesHObUQF42no66Gd1ELT505VBAXa
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

On 08/18/2014 03:15 PM, Stephane Bortzmeyer wrote:
> [The I-D does not indicate, apparently, a mailing list for discussion
> of the idea. Trying on perpass. Suggestions of a better venue are
> welcome.]
> 
> On Thu, Aug 14, 2014 at 11:41:06PM -0700,
>  internet-drafts@ietf.org <internet-drafts@ietf.org> wrote 
>  a message of 49 lines which said:
> 
>>         Title           : TCP Stealth
>>         Authors         : Julian Kirsch
>>                           Christian Grothoff
>>                           Jacob Appelbaum
>>                           Holger Kenn
>> 	Filename        : draft-kirsch-ietf-tcp-stealth-00.txt
> 
> IMHO, very good idea for an important problem. I would like this
> work to move forward (an independent RFC with status Experimental,
> maybe?)
> 
> A few suggestions/remarks:
> 
> * Maybe a remark about the fact that it is intended for small groups
> (the use of a shared secret limits the scalability).

That is of course correct.

> * "If the token is incorrect, the operating system pretends that the
> port is closed." If the port is closed, the server will reply with a
> RST. Not very stealth. You meant "If the token is incorrect, the
> operating system won't reply at all"?

We intend the OS to react in the same way as it does for all other ports
where no service is listening.  If the OS policy is to send a RST, it
should also send a RST if the authentication fails.  If the OS policy is
to drop, it should also drop if the authentication fails.  Stealth here
is about being as indistinguishable as possible from an "ordinary"
closed port.

> * Maybe a security analysis comparing it to port knocking?

Eh, this is a port knocking scheme.

> If I'm
> correct, TCP stealth provides min(32, N) bits of secret (32 being the
> size of the ISN and N the number of bits in the shared secret) while
> port knocking provides 16*N bits (N being the number of ports to
> knock).

That depends on the type of port knocking scheme deployed. You could in
theory implement a knock with a 512 byte UDP packet and have a huge
shared secret.  Naturally, if you talk about a knock where just the
destination port is derived from the knock secret, then your analysis is
correct.  But again, there are many ways to implement knocking in general.

> * Maybe a mention of SPA <http://www.cipherdyne.org/fwknop/>, which
> is closer to TCP Stealth than port knocking? (The biggest difference
> is that SPA is not stealth; Eve knows you're using SPA.)

There are other differences; for a more detailed analysis I would
suggest you use Julian's Master's thesis, not the RFC. The MS thesis is
freely available at https://gnunet.org/kirsch2014knock

> * Why MD5? I assume that TCP Stealth has no cryptographic agility
> since there is no room to indicate the crypto algorithm (while staying
> stealth) but why MD5, despite RFC 6151?

As (I hope) the thesis explains, MD5 is used for ISN calculations
already, from ISN to SYN flooding protections.  And once reduced to 32
bits, there is no real security advantage of other hash functions, but
there is a speed (and maybe indistinguishability) advantage for MD5.

> * "6. Integraton with Applications" should be Integration

Ack. Fixed in Git, thanks!

-Christian


--N9S9QesHObUQF42no66Gd1ELT505VBAXa
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"


--N9S9QesHObUQF42no66Gd1ELT505VBAXa--
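
Added example (not the draft's algorithm and not the authors' code) modelling the two points in the exchange above: the token has to fit the 32-bit ISN, so the guessing cost is capped at min(32, N) bits whatever the secret length, and a failed check falls back to the host's own closed-port reaction (RST or drop) rather than a distinct reply. The token derivation `stealth_token()`, the field set in `Syn`, and the sample secret and addresses are assumptions constructed for the demo.

```python
"""Toy model of a TCP Stealth-style SYN check (illustration only).

Not the draft's ISN derivation nor the authors' code: stealth_token() is a
hypothetical construction that keeps just the properties discussed above.
"""
import hashlib
import hmac
from dataclasses import dataclass

ISN_BITS = 32


@dataclass(frozen=True)
class Syn:
    """The fields of an incoming SYN that the toy check looks at (assumed set)."""
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int
    isn: int  # client's initial sequence number, 32 bits


def stealth_token(secret: bytes, src_ip: str, dst_ip: str, dst_port: int) -> int:
    """Hypothetical token: MD5 over the shared secret and connection identifiers,
    truncated to the 32 bits an ISN can carry. MD5 appears only because the
    thread discusses it; the truncation is the point, not the hash choice."""
    h = hashlib.md5()
    h.update(secret)
    h.update(f"{src_ip}|{dst_ip}|{dst_port}".encode())
    return int.from_bytes(h.digest()[:ISN_BITS // 8], "big")


def handle_syn(syn: Syn, secret: bytes, stealth_ports: set[int],
               open_ports: frozenset[int] = frozenset(),
               closed_policy: str = "rst") -> str:
    """Return the host's reaction to a SYN.

    closed_policy is what this host already does for a port with no listener
    ("rst" or "drop"). A stealth port given a wrong token gets exactly that
    reaction, so a scanner cannot tell it apart from an ordinary closed port.
    """
    if closed_policy not in ("rst", "drop"):
        raise ValueError("closed_policy must be 'rst' or 'drop'")
    if syn.dst_port in open_ports:
        return "syn-ack"  # ordinary listening port, no token required
    if syn.dst_port in stealth_ports:
        expected = stealth_token(secret, syn.src_ip, syn.dst_ip, syn.dst_port)
        # Constant-time comparison so the check itself does not leak timing.
        if hmac.compare_digest(expected.to_bytes(4, "big"),
                               syn.isn.to_bytes(4, "big")):
            return "syn-ack"
    return closed_policy  # no listener, or stealth port with a wrong token


def effective_secret_bits(secret_bits: int) -> int:
    """Bortzmeyer's bound from the thread: the ISN caps the token at 32 bits."""
    return min(ISN_BITS, secret_bits)


def port_knock_bits(knocks: int) -> int:
    """Bortzmeyer's estimate for classic knocking: one 16-bit port per knock."""
    return 16 * knocks


if __name__ == "__main__":
    secret = b"constructed-demo-secret"       # constructed sample value
    client = ("192.0.2.10", "192.0.2.20")      # constructed sample addresses
    good = Syn(*client, 40000, 22, stealth_token(secret, *client, 22))
    bad = Syn(*client, 40001, 22, (good.isn + 1) & 0xFFFFFFFF)
    closed = Syn(*client, 40002, 23, 0x12345678)
    for policy in ("rst", "drop"):
        # Wrong token and genuinely closed port must produce the same reaction.
        print(policy, handle_syn(good, secret, {22}, closed_policy=policy),
              handle_syn(bad, secret, {22}, closed_policy=policy),
              handle_syn(closed, secret, {22}, closed_policy=policy))
    print("stealth with a 256-bit secret:", effective_secret_bits(256), "bits")
    print("three knocks:", port_knock_bits(3), "bits")
```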


From nobody Mon Aug 18 06:56:09 2014
Return-Path: <hagen@jauu.net>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2CA281A037A for <perpass@ietfa.amsl.com>; Mon, 18 Aug 2014 06:56:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level: 
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hUgjJlxqqH6Y for <perpass@ietfa.amsl.com>; Mon, 18 Aug 2014 06:56:06 -0700 (PDT)
Received: from mail-lb0-f173.google.com (mail-lb0-f173.google.com [209.85.217.173]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BFD4E1A0351 for <perpass@ietf.org>; Mon, 18 Aug 2014 06:56:05 -0700 (PDT)
Received: by mail-lb0-f173.google.com with SMTP id u10so4167006lbd.18 for <perpass@ietf.org>; Mon, 18 Aug 2014 06:56:03 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=M/ZwKlGBOnf1+/mNQZ/JvixccOse6vINUSxDNvV8R+I=; b=DURP8ZRvvLYly2dUXtgzdeIKQG5RRYYo6f+7IbyrCMvx+e5mwdQph1r7d6EyBdc3Rw p/nfMUFAwr+Nr1p/msRqvHOmUsOEYxGXKmNjyVCu+UqoD+MknVOg+9ag5uR72D4L9wOO PtQoSn87SFqeYvaHcbXgfrzAfvHVbh7YQ19NUzQgZ06J0R8/YDN8DVxCl7mAkZtcdPJs k2QXAekfB1lUyRXh4xMwZTn1HJDsghkRSNyIoqA7vLIB5NzKQzvIblGtu8XoJZUDYRto sHhdro9Yga8XcHm7DjsmJlOhuUcJIii/JAjOhJ596bc+AkZH6W0HKw4MRohmBdk7EJNb avBw==
X-Gm-Message-State: ALoCoQmqlA3OSEYKyxoM9tJuxaiqXb85KSNuUYXCtWgITFw5OzzALm22AOfyjI3E2yHc9Itp0ctp
MIME-Version: 1.0
X-Received: by 10.152.87.82 with SMTP id v18mr29685564laz.17.1408370163422; Mon, 18 Aug 2014 06:56:03 -0700 (PDT)
Received: by 10.152.242.42 with HTTP; Mon, 18 Aug 2014 06:56:03 -0700 (PDT)
X-Originating-IP: [80.246.32.33]
In-Reply-To: <53F2045B.3090602@gnunet.org>
References: <20140815064106.17646.23281.idtracker@ietfa.amsl.com> <20140818131512.GA26987@nic.fr> <53F2045B.3090602@gnunet.org>
Date: Mon, 18 Aug 2014 15:56:03 +0200
Message-ID: <CAPh34menSG8A-fjm6hSEm2QkPNjGtjNOu5Je8xFQiGiq=r4gXQ@mail.gmail.com>
From: Hagen Paul Pfeifer <hagen@jauu.net>
To: Christian Grothoff <grothoff@gnunet.org>
Content-Type: text/plain; charset=UTF-8
Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/aYPVLTygzreodlb5iFXIAQSmQsg
Cc: draft-kirsch-ietf-tcp-stealth@tools.ietf.org, perpass@ietf.org, Stephane Bortzmeyer <bortzmeyer@nic.fr>
Subject: Re: [perpass] TCP Stealth (Was: I-D Action: draft-kirsch-ietf-tcp-stealth-00.txt
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Aug 2014 13:56:08 -0000

tcpinc is probably another candidate to discuss this ID.


On 18 August 2014 15:49, Christian Grothoff <grothoff@gnunet.org> wrote:
> On 08/18/2014 03:15 PM, Stephane Bortzmeyer wrote:
>> [The I-D does not indicate, apparently, a mailing list for discussion
>> of the idea. Trying on perpass. Suggestions of a better venue are
>> welcome.]
>>
>> On Thu, Aug 14, 2014 at 11:41:06PM -0700,
>>  internet-drafts@ietf.org <internet-drafts@ietf.org> wrote
>>  a message of 49 lines which said:
>>
>>>         Title           : TCP Stealth
>>>         Authors         : Julian Kirsch
>>>                           Christian Grothoff
>>>                           Jacob Appelbaum
>>>                           Holger Kenn
>>>      Filename        : draft-kirsch-ietf-tcp-stealth-00.txt
>>
>> IMHO, very good idea for an important problem. I would like this
>> work to move forward (an independent RFC with status Experimental,
>> maybe?)
>>
>> A few suggestions/remarks:
>>
>> * Maybe a remark about the fact that it is intended for small groups
>> (the use of a shared secret limits the scalability).
>
> That is of course correct.
>
>> * "If the token is incorrect, the operating system pretends that the
>> port is closed." If the port is closed, the server will reply with a
>> RST. Not very stealth. You meant "If the token is incorrect, the
>> operating system won't reply at all"?
>
> We intend the OS to react in the same way as it does for all other ports
> where no service is listening.  If the OS policy is to send a RST, it
> should also send a RST if the authentication fails.  If the OS policy is
> to drop, it should also drop if the authentication fails.  Stealth here
> is about being as indistinguishable as possible from an "ordinary"
> closed port.
>
>> * Maybe a security analysis comparing it to port knocking?
>
> Eh, this is a port knocking scheme.
>
>> If I'm
>> correct, TCP stealth provides min(32, N) bits of secret (32 being the
>> size of the ISN and N the number of bits in the shared secret) while
>> port knocking provides 16*N bits (N being the number of ports to
>> knock).
>
> That depends on the type of port knocking scheme deployed. You could in
> theory implement a knock with a 512 byte UDP packet and have a huge
> shared secret.  Naturally, if you talk about a knock where just the
> destination port is derived from the knock secret, then your analysis is
> correct.  But again, there are many ways to implement knocking in general.
>
>> * Maybe a mention of SPA <http://www.cipherdyne.org/fwknop/>, which
>> is closer to TCP Stealth than port knocking? (The biggest difference
>> is that SPA is not stealth; Eve knows you're using SPA.)
>
> There are other differences; for a more detailed analysis I would
> suggest you use Julian's Master's thesis, not the RFC. The MS thesis is
> freely available at https://gnunet.org/kirsch2014knock
>
>> * Why MD5? I assume that TCP Stealth has no cryptographic agility
>> since there is no room to indicate the crypto algorithm (while staying
>> stealth) but why MD5, despite RFC 6151?
>
> As (I hope) the thesis explains, MD5 is used for ISN calculations
> already, from ISN to SYN flooding protections.  And once reduced to 32
> bits, there is no real security advantage of other hash functions, but
> there is a speed (and maybe indistinguishability) advantage for MD5.
>
>> * "6. Integraton with Applications" should be Integration
>
> Ack. Fixed in Git, thanks!
>
> -Christian
>
>
> _______________________________________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/listinfo/perpass
>


From nobody Mon Aug 18 06:56:41 2014
Return-Path: <bortzmeyer@nic.fr>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 622671A038A for <perpass@ietfa.amsl.com>; Mon, 18 Aug 2014 06:56:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.218
X-Spam-Level: 
X-Spam-Status: No, score=-2.218 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_FR=0.35, RP_MATCHES_RCVD=-0.668] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y6aH3mOSP_QX for <perpass@ietfa.amsl.com>; Mon, 18 Aug 2014 06:56:38 -0700 (PDT)
Received: from mx4.nic.fr (mx4.nic.fr [IPv6:2001:67c:2218:2::4:12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B59521A0351 for <perpass@ietf.org>; Mon, 18 Aug 2014 06:56:38 -0700 (PDT)
Received: from mx4.nic.fr (localhost [127.0.0.1]) by mx4.nic.fr (Postfix) with SMTP id 50EAD2802A0; Mon, 18 Aug 2014 15:56:37 +0200 (CEST)
Received: from relay1.nic.fr (relay1.nic.fr [192.134.4.162]) by mx4.nic.fr (Postfix) with ESMTP id 4BA64280288; Mon, 18 Aug 2014 15:56:37 +0200 (CEST)
Received: from bortzmeyer.nic.fr (unknown [IPv6:2001:67c:1348:7::86:133]) by relay1.nic.fr (Postfix) with ESMTP id 4035F4C0083; Mon, 18 Aug 2014 15:56:07 +0200 (CEST)
Date: Mon, 18 Aug 2014 15:56:07 +0200
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: Christian Grothoff <grothoff@gnunet.org>
Message-ID: <20140818135607.GA31384@nic.fr>
References: <20140815064106.17646.23281.idtracker@ietfa.amsl.com> <20140818131512.GA26987@nic.fr> <53F2045B.3090602@gnunet.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <53F2045B.3090602@gnunet.org>
X-Operating-System: Debian GNU/Linux jessie/sid
X-Kernel: Linux 3.14-1-686-pae i686
Organization: NIC France
X-URL: http://www.nic.fr/
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/pRE8XsyihU56a3uMVsw0Rb5iRvM
Cc: draft-kirsch-ietf-tcp-stealth@tools.ietf.org, perpass@ietf.org, Stephane Bortzmeyer <bortzmeyer@nic.fr>
Subject: Re: [perpass] TCP Stealth (Was: I-D Action: draft-kirsch-ietf-tcp-stealth-00.txt
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Aug 2014 13:56:40 -0000

On Mon, Aug 18, 2014 at 03:49:15PM +0200,
 Christian Grothoff <grothoff@gnunet.org> wrote 
 a message of 100 lines which said:

> Eh, this is a port knocking scheme.

You don't knock a single port and you still call it "port knocking"?
It seems a very broad definition.


From nobody Mon Aug 18 07:30:22 2014
Return-Path: <michael.scharf@alcatel-lucent.com>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 16ED61A03EE for <perpass@ietfa.amsl.com>; Mon, 18 Aug 2014 07:30:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.568
X-Spam-Level: 
X-Spam-Status: No, score=-2.568 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.668] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0VMVhahgIjdn for <perpass@ietfa.amsl.com>; Mon, 18 Aug 2014 07:30:04 -0700 (PDT)
Received: from smtp-fr.alcatel-lucent.com (fr-hpida-esg-02.alcatel-lucent.com [135.245.210.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7BEB81A0444 for <perpass@ietf.org>; Mon, 18 Aug 2014 07:29:48 -0700 (PDT)
Received: from fr712usmtp2.zeu.alcatel-lucent.com (unknown [135.239.2.42]) by Websense Email Security Gateway with ESMTPS id 4FCCAC5945EFC; Mon, 18 Aug 2014 14:29:44 +0000 (GMT)
Received: from FR711WXCHHUB01.zeu.alcatel-lucent.com (fr711wxchhub01.zeu.alcatel-lucent.com [135.239.2.111]) by fr712usmtp2.zeu.alcatel-lucent.com (GMO) with ESMTP id s7IETaOQ003886 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Mon, 18 Aug 2014 16:29:45 +0200
Received: from FR712WXCHMBA15.zeu.alcatel-lucent.com ([169.254.7.218]) by FR711WXCHHUB01.zeu.alcatel-lucent.com ([135.239.2.111]) with mapi id 14.02.0247.003; Mon, 18 Aug 2014 16:29:43 +0200
From: "Scharf, Michael (Michael)" <michael.scharf@alcatel-lucent.com>
To: "perpass@ietf.org" <perpass@ietf.org>
Thread-Topic: [tcpm] TCP Stealth - possible interest to the WG
Thread-Index: Ac+448Fsl9mI8tJfQO6l37mQPpygtgB+DAeAAARk9EA=
Date: Mon, 18 Aug 2014 14:29:43 +0000
Message-ID: <655C07320163294895BBADA28372AF5D165FDE51@FR712WXCHMBA15.zeu.alcatel-lucent.com>
References: <ecdbe694b6964c159f64b1d3311c8cc6@hioexcmbx02-prd.hq.netapp.com> <CAPh34mdNfgayzDfzwn31H-esgrNza06r1ZOdsCaK+fhc_LbruA@mail.gmail.com>
In-Reply-To: <CAPh34mdNfgayzDfzwn31H-esgrNza06r1ZOdsCaK+fhc_LbruA@mail.gmail.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [135.239.27.39]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/vK6UXQRb_Fuvx0JhgGn1wUyRjyM
Cc: Hagen Paul Pfeifer <hagen@jauu.net>
Subject: Re: [perpass] [tcpm] TCP Stealth - possible interest to the WG
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Aug 2014 14:30:10 -0000

From nobody Mon Aug 25 11:21:47 2014
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A94191A01D5 for <perpass@ietfa.amsl.com>; Mon, 25 Aug 2014 11:21:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.568
X-Spam-Level: 
X-Spam-Status: No, score=-2.568 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.668] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RhHN3PwFfzs9 for <perpass@ietfa.amsl.com>; Mon, 25 Aug 2014 11:21:42 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id D89E31A01EB for <perpass@ietf.org>; Mon, 25 Aug 2014 11:21:40 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 3DA79BDD8 for <perpass@ietf.org>; Mon, 25 Aug 2014 19:21:40 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YeORXONRvb6Y for <perpass@ietf.org>; Mon, 25 Aug 2014 19:21:38 +0100 (IST)
Received: from [10.87.48.7] (unknown [86.41.56.186]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id BD131BDD7 for <perpass@ietf.org>; Mon, 25 Aug 2014 19:21:38 +0100 (IST)
Message-ID: <53FB7EB2.5060202@cs.tcd.ie>
Date: Mon, 25 Aug 2014 19:21:38 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.0
MIME-Version: 1.0
To: perpass <perpass@ietf.org>
References: <53FB7E79.3040608@cs.tcd.ie>
In-Reply-To: <53FB7E79.3040608@cs.tcd.ie>
X-Forwarded-Message-Id: <53FB7E79.3040608@cs.tcd.ie>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/Xf1ggnJpnABzvNfTJ51V4XJxi94
Subject: [perpass] Fwd: [saag] new list for discussion of end-to-end email security/privacy improvements
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Aug 2014 18:21:44 -0000

FYI

-------- Forwarded Message --------
Subject: [saag] new list for discussion of end-to-end email
security/privacy improvements
Date: Mon, 25 Aug 2014 19:20:41 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: saag@ietf.org <saag@ietf.org>


Hi all,

Following on from discussion in Toronto in appsawg and saag,
and a subsequent request, we've created a mailing list for
discussing this topic. Pete Resnick and I will initially
manage the list. If you're interested, please subscribe.
Once Pete and I figure there's a good enough set of folks
subscribed we'll fire off a starter email. That usually takes
a few days, so probably Wed-Thu this week.

The list [1] description is:

There is significant interest in improving the
privacy-related properties of Internet mail. One focus of
current efforts is on the per-hop (connection-based)
protections provided by TLS. However, a wide range of other
work has a focus on end-to-end protection, at the Internet
scale of billions of end users and perhaps millions of
operators. Such work typically involves new forms of mail
header or body protection, new public key management
(compared to S/MIME or PGP), and security mechanisms more
appropriate for mobile/web user-agents. Other
security-relevant approaches may be discussed if needed.
Various proposals and development efforts on this topic are
underway outside the IETF. This mailing list provides an
IETF venue for discussion of elements that might be commonly
needed by such efforts and to identify work that the IETF
could do to aid in achieving better end-to-end security
deployed for Internet email.

Cheers,
S.

[1] https://www.ietf.org/mailman/listinfo/endymail

_______________________________________________
saag mailing list
saag@ietf.org
https://www.ietf.org/mailman/listinfo/saag





From nobody Thu Aug 28 07:01:13 2014
Return-Path: <simon@josefsson.org>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C3451A0462 for <perpass@ietfa.amsl.com>; Thu, 28 Aug 2014 07:01:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.348
X-Spam-Level: 
X-Spam-Status: No, score=0.348 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, HELO_EQ_SE=0.35, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 18jYLrtShO_f for <perpass@ietfa.amsl.com>; Thu, 28 Aug 2014 07:00:55 -0700 (PDT)
Received: from duva.sjd.se (duva.sjd.se [IPv6:2001:9b0:1:1702::100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ED7B41A045C for <perpass@ietf.org>; Thu, 28 Aug 2014 07:00:54 -0700 (PDT)
Received: from latte.josefsson.org (static-213-115-179-130.sme.bredbandsbolaget.se [213.115.179.130]) (authenticated bits=0) by duva.sjd.se (8.14.4/8.14.4/Debian-4) with ESMTP id s7SE0opD014949 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for <perpass@ietf.org>; Thu, 28 Aug 2014 16:00:52 +0200
Date: Thu, 28 Aug 2014 16:00:43 +0200
From: Simon Josefsson <simon@josefsson.org>
To: perpass@ietf.org
Message-ID: <20140828160043.76ae962f@latte.josefsson.org>
X-Mailer: Claws Mail 3.8.1 (GTK+ 2.24.10; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=PGP-SHA256; boundary="Sig_/.ZXrY2MFbRtMgc6AS8uV.jz"; protocol="application/pgp-signature"
X-Virus-Scanned: clamav-milter 0.98.4 at duva.sjd.se
X-Virus-Status: Clean
Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/vrc4CS0TyivsqWyf4K6iRTurJ6Q
Subject: [perpass] OpenPGP mail/news header
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Aug 2014 14:01:07 -0000

--Sig_/.ZXrY2MFbRtMgc6AS8uV.jz
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable

Folks,

I have updated a six (!) year old document describing the OpenPGP
mail/news header field.  As it encourages and promotes use of
encrypted/signed email, I thought it would be relevant to this list.
All feedback is appreciated, either directly to me or here.

http://tools.ietf.org/html/draft-josefsson-openpgp-mailnews-header-07

/Simon

--Sig_/.ZXrY2MFbRtMgc6AS8uV.jz
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc


--Sig_/.ZXrY2MFbRtMgc6AS8uV.jz--


From nobody Thu Aug 28 07:32:59 2014
Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A3EE1A6F7B for <perpass@ietfa.amsl.com>; Thu, 28 Aug 2014 07:32:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.568
X-Spam-Level: 
X-Spam-Status: No, score=-2.568 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.668, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5jSQqHTz2bEL for <perpass@ietfa.amsl.com>; Thu, 28 Aug 2014 07:32:54 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5F7931A06C5 for <perpass@ietf.org>; Thu, 28 Aug 2014 07:32:45 -0700 (PDT)
Received: from [172.16.254.100] ([80.92.121.165]) by mail.gmx.com (mrgmx002) with ESMTPSA (Nemesis) id 0LwqwS-1WGxfu1ybQ-016O1O; Thu, 28 Aug 2014 16:32:42 +0200
Message-ID: <53FF3D86.3070201@gmx.net>
Date: Thu, 28 Aug 2014 16:32:38 +0200
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.0
MIME-Version: 1.0
To: Simon Josefsson <simon@josefsson.org>, perpass@ietf.org
References: <20140828160043.76ae962f@latte.josefsson.org>
In-Reply-To: <20140828160043.76ae962f@latte.josefsson.org>
OpenPGP: id=4D776BC9
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="4keqvQ23XtgBSwNhjaoKsqQRNKE9fnSFa"
X-Provags-ID: V03:K0:cphHSIyLUEUMXZFoHu07D9nJSABWf3W8ZQBC1StWOlngoil+aTC zBsNkIiI2u1fEscZDoIYLUmj4jU3z9OYXke13dWqdnzepJxgWIFKDTMKtUt6ycUFVGagb1G wjxkcgaQck7E0nqXclGFTJctDT/Paw4OeBov7CmDFnk5nBdpYnf3uyASyw1r8y9xkadnFMu CstZFgOG4gGNrzDHgVN8g==
X-UI-Out-Filterresults: notjunk:1;
Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/gNXZIL3nrJmc0MExwxftOosJ-fk
Subject: Re: [perpass] OpenPGP mail/news header
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Aug 2014 14:32:57 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--4keqvQ23XtgBSwNhjaoKsqQRNKE9fnSFa
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

Simon, just today I enjoyed reading this blog post:
http://blog.cryptographyengineering.com/2014/08/whats-matter-with-pgp.html

Ciao
Hannes


On 08/28/2014 04:00 PM, Simon Josefsson wrote:
> Folks,
>
> I have updated a six (!) year old document describing the OpenPGP
> mail/news header field.  As it encourages and promotes use of
> encrypted/signed email, I thought it would be relevant to this list.
> All feedback is appreciated, either directly to me or here.
>
> http://tools.ietf.org/html/draft-josefsson-openpgp-mailnews-header-07
>
> /Simon
>
>
>
> _______________________________________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/listinfo/perpass
>


--4keqvQ23XtgBSwNhjaoKsqQRNKE9fnSFa
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"


--4keqvQ23XtgBSwNhjaoKsqQRNKE9fnSFa--


From nobody Thu Aug 28 07:54:27 2014
Return-Path: <paul@nohats.ca>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BFC5F1A06F7 for <perpass@ietfa.amsl.com>; Thu, 28 Aug 2014 07:54:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.546
X-Spam-Level: 
X-Spam-Status: No, score=-1.546 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.668, URI_HEX=1.122] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BFdwEGoRNyuk for <perpass@ietfa.amsl.com>; Thu, 28 Aug 2014 07:54:23 -0700 (PDT)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4D8C11A06F5 for <perpass@ietf.org>; Thu, 28 Aug 2014 07:54:23 -0700 (PDT)
Received: from bofh.nohats.ca (bofh.nohats.ca [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id B46DD813B2; Thu, 28 Aug 2014 10:54:21 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1409237661; bh=FwGBh1QQvO0nBtem4SFfHbBoAeQlsArWlFmXDvclcrY=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=DvArZWukUoCE1N1Y05+yZa+tx5vKwajro9F/tPZL7s1sCjPfHtbO8A7edO/Rxa3Gm 7usOpWrf8k8lZbp5i2go8xesjFTFda0snMQJ1p++THLAyLM6EgBIBTXTXmD9EbPAvt PPNRC3dvTUjYV5GLnQuJCSwsFX1zp4qAGsJ6diHM=
Received: from localhost (paul@localhost) by bofh.nohats.ca (8.14.7/8.14.7/Submit) with ESMTP id s7SEsLJ2017962; Thu, 28 Aug 2014 10:54:21 -0400
X-Authentication-Warning: bofh.nohats.ca: paul owned process doing -bs
Date: Thu, 28 Aug 2014 10:54:20 -0400 (EDT)
From: Paul Wouters <paul@nohats.ca>
To: Simon Josefsson <simon@josefsson.org>
In-Reply-To: <20140828160043.76ae962f@latte.josefsson.org>
Message-ID: <alpine.LFD.2.10.1408281046090.17182@bofh.nohats.ca>
References: <20140828160043.76ae962f@latte.josefsson.org>
User-Agent: Alpine 2.10 (LFD 1266 2009-07-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII
Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/m1on5UBCBGUkdRQWLF0FDqGK47k
Cc: perpass@ietf.org
Subject: Re: [perpass] OpenPGP mail/news header
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Aug 2014 14:54:24 -0000

On Thu, 28 Aug 2014, Simon Josefsson wrote:

> I have updated a six (!) year old document describing the OpenPGP
> mail/news header field.  As it encourages and promotes use of
> encrypted/signed email, I thought it would be relevant to this list.
> All feedback is appreciated, either directly to me or here.
>
> http://tools.ietf.org/html/draft-josefsson-openpgp-mailnews-header-07

I think it would be better to announce both keyid and fingerprint.

Would it be better to use the longer keyid version?

Should a warning be added to the Security Considerations about v3 keys
being vulnerable to forging of fingerprints?
See: https://github.com/coruus/cooperpair/tree/master/keysteak

It would be nice to support OPENPGPKEY DNS records in header as well?

either:

OpenPGP: dns:paul@nohats.ca

or

OpenPGP: dns=ab16de0656382d91838914109ab89a0a4e04321550a1a20ace7a8b66._openpgpkey.nohats.ca

Perhaps add a reference to:

http://tools.ietf.org/html/draft-wouters-dane-openpgp

Paul


From nobody Thu Aug 28 12:26:26 2014
Return-Path: <simon@josefsson.org>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D9D0E1A0196 for <perpass@ietfa.amsl.com>; Thu, 28 Aug 2014 12:26:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.429
X-Spam-Level: 
X-Spam-Status: No, score=-0.429 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_SE=0.35, SPF_PASS=-0.001, URI_HEX=1.122] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FRAbDq1hxwq6 for <perpass@ietfa.amsl.com>; Thu, 28 Aug 2014 12:26:22 -0700 (PDT)
Received: from duva.sjd.se (duva.sjd.se [IPv6:2001:9b0:1:1702::100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9D4A41A00D6 for <perpass@ietf.org>; Thu, 28 Aug 2014 12:26:21 -0700 (PDT)
Received: from latte.josefsson.org (static-213-115-179-130.sme.bredbandsbolaget.se [213.115.179.130]) (authenticated bits=0) by duva.sjd.se (8.14.4/8.14.4/Debian-4) with ESMTP id s7SJQGC3016619 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Thu, 28 Aug 2014 21:26:17 +0200
From: Simon Josefsson <simon@josefsson.org>
To: Paul Wouters <paul@nohats.ca>
References: <20140828160043.76ae962f@latte.josefsson.org> <alpine.LFD.2.10.1408281046090.17182@bofh.nohats.ca>
OpenPGP: id=54265E8C; url=http://josefsson.org/54265e8c.txt
X-Hashcash: 1:22:140828:perpass@ietf.org::ME3HyRODNFL19Uib:2eC3
X-Hashcash: 1:22:140828:paul@nohats.ca::h6+kSmisqVRTq0Rn:LzdY
Date: Thu, 28 Aug 2014 21:26:15 +0200
In-Reply-To: <alpine.LFD.2.10.1408281046090.17182@bofh.nohats.ca> (Paul Wouters's message of "Thu, 28 Aug 2014 10:54:20 -0400 (EDT)")
Message-ID: <87bnr4za94.fsf@latte.josefsson.org>
User-Agent: Gnus/5.130011 (Ma Gnus v0.11) Emacs/24.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: clamav-milter 0.98.4 at duva.sjd.se
X-Virus-Status: Clean
Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/SC720qBTM19qiLFyBAAiQB2-rqE
Cc: perpass@ietf.org
Subject: Re: [perpass] OpenPGP mail/news header
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Aug 2014 19:26:24 -0000

Paul Wouters <paul@nohats.ca> writes:

> On Thu, 28 Aug 2014, Simon Josefsson wrote:
>
>> I have updated a six (!) year old document describing the OpenPGP
>> mail/news header field.  As it encourages and promotes use of
>> encrypted/signed email, I thought it would be relevant to this list.
>> All feedback is appreciated, either directly to me or here.
>>
>> http://tools.ietf.org/html/draft-josefsson-openpgp-mailnews-header-07
>
> I think it would be better to announce both keyid and fingerprint.
>
> Would it be better to use the longer keyid version?

Both key id and full fingerprint are permitted.

> Should a warning be added to the Security Considerations about v3 keys
> being vulnerable to forging of fingerprints?
> See: https://github.com/coruus/cooperpair/tree/master/keysteak

There is already the following text:

   Version 3 OpenPGP keys can be created with a chosen key id (aka "the
   0xDEADBEEF attack").  Verifying the Key ID of a retrieved key against
   the one provided in the field is thus not sufficient to protect
   against a man-in-the-middle attack.  Instead, the web-of-trust
   mechanism should be used.

> It would be nice to support OPENPGPKEY DNS records in header as well?
>
> either:
>
> OpenPGP: dns:paul@nohats.ca
>
> or
>
> OpenPGP:
> dns=ab16de0656382d91838914109ab89a0a4e04321550a1a20ace7a8b66._openpgpkey.nohats.ca

Should already be supported through RFC 4501, or am I missing something?

OpenPGP: id=12345678; url=dns:ab16de0656382d91838914109ab89a0a4e04321550a1a20ace7a8b66._openpgpkey.nohats.ca?TYPE=OPENPGPKEY

OpenPGP: id=12345678; url=dns:simon.josefsson.org?TYPE=CERT

> Perhaps add a reference to:
>
> http://tools.ietf.org/html/draft-wouters-dane-openpgp

Please propose some text to give the reference some context, and I'll
consider it. :-)

/Simon

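An added example, not code from Simon's draft or from either poster: a Python checker for the header values quoted in this thread. It parses the `id=...; url=...` parameters, classifies the id as short key ID, long key ID or full fingerprint, parses an RFC 4501 `dns:` URL like the OPENPGPKEY one above, and compares a retrieved key's fingerprint with the advertised id, grading a key-ID-only match as weak for the reason the Security Considerations text gives. Assumptions: the parameter syntax visible in the examples (other parameters are kept verbatim), v4 keys (the key ID is the low-order bits of the fingerprint), and a constructed test fingerprint.

```python
import re
from urllib.parse import unquote

SAMPLE_HEADERS = [  # values quoted in this thread (two real headers, Simon's example)
    "id=4D776BC9",
    "id=54265E8C; url=http://josefsson.org/54265e8c.txt",
    "id=12345678; url=dns:ab16de0656382d91838914109ab89a0a4e04321550a1a20ace7a8b66"
    "._openpgpkey.nohats.ca?TYPE=OPENPGPKEY",
]
HEX_RE = re.compile(r"^(?:0x)?([0-9A-Fa-f]+)$")
ID_KINDS = {8: "short keyid", 16: "long keyid", 40: "fingerprint"}  # v4 keys


def parse_openpgp_header(value):
    """Split 'name=value; name=value' into a dict keyed by lower-cased name.  As
    ';' separates parameters, a url needing ';' itself must carry it as %3B."""
    params = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, sep, val = part.partition("=")
        if not sep or not name.strip():
            raise ValueError("malformed parameter %r" % part)
        name = name.strip().lower()
        if name in params:  # two ids or two urls: refuse rather than pick one
            raise ValueError("duplicate parameter %r" % name)
        params[name] = val.strip()
    return params


def classify_id(id_value):
    """Return (kind, upper-case hex digits) for an id parameter value."""
    m = HEX_RE.match(id_value)
    if not m or len(m.group(1)) not in ID_KINDS:
        raise ValueError("id is not an 8/16/40-digit hex value: %r" % id_value)
    digits = m.group(1).upper()
    return ID_KINDS[len(digits)], digits


def check_retrieved_key(advertised_id, retrieved_fingerprint):
    """Compare a fetched v4 key's fingerprint with the advertised id; returns
    (matches, strength).  A v4 key ID is the low-order bits of the fingerprint,
    hence the suffix match.  As the draft's Security Considerations say, a v3
    key can be made with a chosen key ID, so a key-ID-only match is "weak"."""
    kind, digits = classify_id(advertised_id)
    fpr = re.sub(r"\s+", "", retrieved_fingerprint).upper()
    if not re.fullmatch(r"[0-9A-F]{40}", fpr):
        raise ValueError("expected a 40-hex-digit v4 fingerprint")
    if kind == "fingerprint":
        return fpr == digits, "strong"
    return fpr.endswith(digits), "weak"


def parse_dns_url(url):
    """Parse an RFC 4501 DNS URL dns:[//authority/]name[?CLASS=c;TYPE=t] into
    (authority, name, rrclass, rrtype), defaulting to class IN and type A."""
    if url[:4].lower() != "dns:":
        raise ValueError("not a dns: URL: %r" % url)
    rest, authority = url[4:], None
    if rest.startswith("//"):
        authority, _, rest = rest[2:].partition("/")
    name, _, query = rest.partition("?")
    rrclass, rrtype = "IN", "A"
    for item in filter(None, unquote(query).split(";")):  # %3B decoded here
        key, _, val = item.partition("=")
        if key.upper() == "CLASS":
            rrclass = val.upper()
        elif key.upper() == "TYPE":
            rrtype = val.upper()
    return authority or None, unquote(name).rstrip("."), rrclass, rrtype


def split_openpgpkey_owner(name):
    """Split '<56 hex>._openpgpkey.<domain>' into (hashed local part, domain)."""
    labels = name.rstrip(".").split(".")
    if (len(labels) < 3 or labels[1].lower() != "_openpgpkey"
            or not re.fullmatch(r"[0-9a-fA-F]{56}", labels[0])):
        raise ValueError("not an OPENPGPKEY owner name: %r" % name)
    return labels[0].lower(), ".".join(labels[2:])


def describe(value):
    """Summarise one header value: id kind and where the key can be fetched."""
    params = parse_openpgp_header(value)
    kind, digits = classify_id(params["id"])
    url = params.get("url")
    info = {"id": digits, "kind": kind, "source": url or "keyserver lookup by id"}
    if url and url[:4].lower() == "dns:":
        _, name, rrclass, rrtype = parse_dns_url(url)
        info["source"] = "%s %s record at %s" % (rrclass, rrtype, name)
        if rrtype == "OPENPGPKEY":
            info["hashed_local_part"], info["domain"] = split_openpgpkey_owner(name)
    return info


if __name__ == "__main__":
    fpr = "0123456789ABCDEF0123456789ABCDEF12345678"  # constructed; ends in the example id
    print([describe(v) for v in SAMPLE_HEADERS], check_retrieved_key("12345678", fpr))
```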

From nobody Fri Aug 29 08:05:48 2014
Return-Path: <JuanCarlos.Zuniga@interdigital.com>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F8B31A04A9 for <perpass@ietfa.amsl.com>; Fri, 29 Aug 2014 08:05:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.133
X-Spam-Level: 
X-Spam-Status: No, score=0.133 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.668] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p9F0p-lcawnQ for <perpass@ietfa.amsl.com>; Fri, 29 Aug 2014 08:05:37 -0700 (PDT)
Received: from smtp-in1.interdigital.com (smtp-in1.interdigital.com [64.208.228.133]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3E7EA1A0462 for <perpass@ietf.org>; Fri, 29 Aug 2014 08:05:36 -0700 (PDT)
X-ASG-Debug-ID: 1409324734-06daaa2eda98740001-gildfX
Received: from smtp-out1.interdigital.com (sahara.interdigital.com [10.0.128.27]) by smtp-in1.interdigital.com with ESMTP id LCvWfAzeP91jqSnO; Fri, 29 Aug 2014 11:05:34 -0400 (EDT)
X-Barracuda-Envelope-From: JuanCarlos.Zuniga@InterDigital.com
Received: from SAM.InterDigital.com ([10.30.2.12]) by smtp-out1.interdigital.com with Microsoft SMTPSVC(6.0.3790.4675);  Fri, 29 Aug 2014 11:05:32 -0400
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CFC39A.AD51DDDA"
Date: Fri, 29 Aug 2014 11:05:30 -0400
X-ASG-Orig-Subj: IEEE 802 EC Privacy Recommendation SG - CFP and telcos
X-MimeOLE: Produced By Microsoft Exchange V6.5
Message-ID: <D60519DB022FFA48974A25955FFEC08C05E3F2E7@SAM.InterDigital.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: IEEE 802 EC Privacy Recommendation SG - CFP and telcos
Thread-Index: Ac/DmYYXzC3ac61LRfCIVjbeJfUo1w==
From: "Zuniga, Juan Carlos" <JuanCarlos.Zuniga@InterDigital.com>
To: <saag@ietf.org>, <perpass@ietf.org>
X-OriginalArrivalTime: 29 Aug 2014 15:05:32.0597 (UTC) FILETIME=[ADD71E50:01CFC39A]
X-Barracuda-Connect: sahara.interdigital.com[10.0.128.27]
X-Barracuda-Start-Time: 1409324734
X-Barracuda-URL: http://10.1.245.3:8000/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at interdigital.com
X-Barracuda-BRTS-Status: 1
X-Barracuda-Spam-Score: 0.00
X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=9.0 tests=HTML_MESSAGE
X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.3.8954 Rule breakdown below pts rule name              description ---- ---------------------- -------------------------------------------------- 0.00 HTML_MESSAGE           BODY: HTML included in message
Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/zeHz-33MafG-XBUhUtNg1qJy1Ws
Subject: [perpass] IEEE 802 EC Privacy Recommendation SG - CFP and telcos
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: "Zuniga, Juan Carlos" <JuanCarlos.Zuniga@InterDigital.com>
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Aug 2014 15:05:42 -0000

This is a multi-part message in MIME format.

------_=_NextPart_001_01CFC39A.AD51DDDA
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

(sorry about cross-posting)


Hi all,


At the past SAAG meeting in Toronto the creation of a new IEEE 802 Study
Group (SG) on Privacy Recommendations for Link Layer technologies was
announced
(http://www.ietf.org/proceedings/90/slides/slides-90-saag-1.pdf).


The IEEE 802 EC Privacy Recommendation SG now has a document repository
and email reflector (i.e. email list) set up.

Details on how to join the email list as well as on the group in general
can be found here: http://www.ieee802.org/PrivRecsg/


The SG is soliciting input documentation to progress the development of
the work. The Study Group particularly seeks inputs on the following
topics:

(1)    Privacy Issues at Link Layer

(2)    Threat Model for Privacy at Link Layer

(3)    Proposals regarding functionalities in IEEE 802 protocols to
improve Privacy

(4)    Proposals regarding measuring levels of Privacy on Internet
protocols


The group will hold a teleconference on 3 September 2014, 10:00 ET.
Teleconference connection details as well as an agenda will be
distributed prior to the call on the "stds-802-privacy" email list
(details on the group's web page).


If you have any questions, please contact me by replying privately to
this email.


Regards,


Juan Carlos



------_=_NextPart_001_01CFC39A.AD51DDDA--

