
From nobody Mon Aug 10 11:24:08 2015
Message-ID: <55C8EC21.3020408@cs.tcd.ie>
Date: Mon, 10 Aug 2015 19:23:29 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: perpass <perpass@ietf.org>
References: <20150810171306.11047.24159.idtracker@ietfa.amsl.com>
In-Reply-To: <20150810171306.11047.24159.idtracker@ietfa.amsl.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/ZFz2WsM5gdkgyfsInn-TpF0Ac34>
Subject: [perpass] Fwd: Last Call: Recognising RFC1984 as a BCP
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Aug 2015 18:24:06 -0000

FYI. I forget if this was mentioned on here before,
but it's been discussed on the saag list and at the
saag session in Prague.

As it says below, please send comments if any to
ietf@ietf.org (or exceptionally to iesg@ietf.org).

Thanks,
S


-------- Forwarded Message --------
Subject: Last Call: Recognising RFC1984 as a BCP
Date: Mon, 10 Aug 2015 10:13:06 -0700
From: The IESG <iesg-secretary@ietf.org>
Reply-To: ietf@ietf.org
To: IETF-Announce <ietf-announce@ietf.org>


The IESG has received a request from an individual participant to make
the following status changes:

- RFC1984 from Informational to Best Current Practice
    (IAB and IESG Statement on Cryptographic Technology and the Internet)

The supporting document for this request can be found here:

https://datatracker.ietf.org/doc/status-change-rfc1984-to-best-current-practice/

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2015-09-07. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

The affected document can be obtained via
https://datatracker.ietf.org/doc/rfc1984/

IESG discussion of this request can be tracked via
https://datatracker.ietf.org/doc/status-change-rfc1984-to-best-current-practice/ballot/






From nobody Fri Aug 21 03:25:52 2015
Message-ID: <55D6FCA9.2080908@cs.tcd.ie>
Date: Fri, 21 Aug 2015 11:25:45 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: perpass <perpass@ietf.org>
References: <20150820223438.36C24180207@rfc-editor.org>
In-Reply-To: <20150820223438.36C24180207@rfc-editor.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/-wATJ9RJzk685sOUpj2ywS2cX9g>
Subject: [perpass] Fwd: RFC 7624 on Confidentiality in the Face of Pervasive Surveillance: A Threat Model and Problem Statement

Hiya,

Just closing the loop on another bit of promised work that has
been completed - well done and thanks to all who helped!

And don't forget that this list is still the right place to
suggest potential new bits of work the IETF could be doing in
this space. (This list being where we do triage on such.)

Cheers,
S.


-------- Forwarded Message --------
Subject: RFC 7624 on Confidentiality in the Face of Pervasive
Surveillance: A Threat Model and Problem Statement
Date: Thu, 20 Aug 2015 15:34:38 -0700 (PDT)
From: rfc-editor@rfc-editor.org
Reply-To: ietf@ietf.org
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
CC: rfc-editor@rfc-editor.org

A new Request for Comments is now available in online RFC libraries.


        RFC 7624

        Title:      Confidentiality in the Face of
                    Pervasive Surveillance: A Threat Model and
                    Problem Statement
        Author:     R. Barnes, B. Schneier,
                    C. Jennings, T. Hardie,
                    B. Trammell, C. Huitema,
                    D. Borkmann
        Status:     Informational
        Stream:     IAB
        Date:       August 2015
        Mailbox:    rlb@ipv.sx,
                    schneier@schneier.com,
                    fluffy@cisco.com,
                    ted.ietf@gmail.com,
                    ietf@trammell.ch,
                    huitema@huitema.net,
                    daniel@iogearbox.net
        Pages:      24
        Characters: 62260
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-iab-privsec-confidentiality-threat-07.txt

        URL:        https://www.rfc-editor.org/info/rfc7624

        DOI:        http://dx.doi.org/10.17487/RFC7624

Since the initial revelations of pervasive surveillance in 2013,
several classes of attacks on Internet communications have been
discovered.  In this document, we develop a threat model that
describes these attacks on Internet confidentiality.  We assume an
attacker that is interested in undetected, indiscriminate
eavesdropping.  The threat model is based on published, verified
attacks.

This document is a product of the Internet Architecture Board.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/rfc.html

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC






From nobody Tue Aug 25 08:11:55 2015
Date: Tue, 25 Aug 2015 11:11:52 -0400
Message-ID: <CAHbuEH7YFefd35N+jA395xMK3=74p8T5s7eUrqE4FY=DrqJALg@mail.gmail.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
To: "perpass@ietf.org" <perpass@ietf.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/FdAHmflwYEQujiSZDkMH0TRwVIE>
Subject: [perpass] Consensus on algorithms/cipher suites in Opportunistic Security

Hi,

I posted a question to SAAG and would like to see where we are at on
consensus around a statement that keeps showing up in drafts.

If you could take a look at my message to SAAG (and the thread) and
chime in there, it would be helpful to know where we are at.  I might
be in the rough, but I'm not so sure that I am...

https://mailarchive.ietf.org/arch/msg/saag/PXrRghfHM-OBj2Y2TniuKptpKCs

Thank you!

-- 

Best regards,
Kathleen


From nobody Wed Aug 26 12:09:42 2015
Date: Wed, 26 Aug 2015 15:09:34 -0400 (EDT)
From: Paul Wouters <paul@nohats.ca>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
In-Reply-To: <CAHbuEH7YFefd35N+jA395xMK3=74p8T5s7eUrqE4FY=DrqJALg@mail.gmail.com>
Message-ID: <alpine.LFD.2.20.1508261507030.21217@bofh.nohats.ca>
References: <CAHbuEH7YFefd35N+jA395xMK3=74p8T5s7eUrqE4FY=DrqJALg@mail.gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/Oc2DHg-pJgBwBU0xDp_Gd-0hdvs>
Cc: "perpass@ietf.org" <perpass@ietf.org>
Subject: Re: [perpass] Consensus on algorithms/cipher suites in Opportunistic Security

On Tue, 25 Aug 2015, Kathleen Moriarty wrote:

> I posted a question to SAAG and would like to see where we are at on
> consensus around a statement that keeps showing up in drafts.
>
> If you could take a look at my message to SAAG (and the thread) and
> chime in there, it would be helpful to know where we are at.  I might
> be in the rough, but I'm not so sure that I am...
>
> https://mailarchive.ietf.org/arch/msg/saag/PXrRghfHM-OBj2Y2TniuKptpKCs

Actually, I agree with you. I do not like the use of "weaker algorithms"
for Opportunistic Security.

There is no valid reason to design anything that is "weaker" in strength
(e.g. keysize). I think what might have been meant is "unauthenticated"
versus "authenticated". And that also turns "weak" and "advanced"
attacker into "passive" and "active" attackers. I think that would be
more in line with the discussions we have had regarding opportunistic
security. I have never heard of a proposal from anyone that said "use
AES128 for opportunistic and AES256 for preconfigured security".

Paul


From nobody Wed Aug 26 14:22:28 2015
References: <CAHbuEH7YFefd35N+jA395xMK3=74p8T5s7eUrqE4FY=DrqJALg@mail.gmail.com> <alpine.LFD.2.20.1508261507030.21217@bofh.nohats.ca>
To: Paul Wouters <paul@nohats.ca>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
Message-ID: <55DE2E05.3010505@dcrocker.net>
Date: Wed, 26 Aug 2015 14:22:13 -0700
In-Reply-To: <alpine.LFD.2.20.1508261507030.21217@bofh.nohats.ca>
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/TbEtslT_qkOWsw7oQhr1ozxnxd8>
Cc: "perpass@ietf.org" <perpass@ietf.org>
Subject: Re: [perpass] Consensus on algorithms/cipher suites in Opportunistic Security
Reply-To: dcrocker@bbiw.net

On 8/26/2015 12:09 PM, Paul Wouters wrote:
> Actually, I agree with you. I do not like the use of "weaker algorithms"
> for Opportunistic Security.
>
> There is no valid reason to design anything that is "weaker" in strength
> (e.g. keysize).


This sort of decision hinges on agreeing what the required minimum
capabilities are, below which it isn't worth doing anything.

"strength" of algorithms, size of keys, paradigm of algorithms, whatever
is deemed basic to effecting the required protection.

d


-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net


From nobody Thu Aug 27 02:04:22 2015
From: Robin Wilton <wilton@isoc.org>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Thu, 27 Aug 2015 09:04:15 +0000
Message-ID: <13ADC351-B15C-47BD-91E1-96BC9E33596A@isoc.org>
References: <CAHbuEH7YFefd35N+jA395xMK3=74p8T5s7eUrqE4FY=DrqJALg@mail.gmail.com>,  <alpine.LFD.2.20.1508261507030.21217@bofh.nohats.ca>
In-Reply-To: <alpine.LFD.2.20.1508261507030.21217@bofh.nohats.ca>
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/ecJ-NpIXx0Ib2MlEhuLTP2RG-dE>
Cc: "perpass@ietf.org" <perpass@ietf.org>, Paul Wouters <paul@nohats.ca>
Subject: Re: [perpass] Consensus on algorithms/cipher suites in Opportunistic Security

Thanks Kathleen,

To me, the issue with that para. 2.9 as drafted is one of logic and
implicit assumptions.

"Using algorithms that are weak against advanced attackers but
sufficient against others is a way to make pervasive surveillance
significantly more difficult."

In my naive threat analysis, the entities doing pervasive surveillance
are precisely advanced attackers (e.g. state intelligence agencies with
access to massive-bandwidth data, colossal storage and enormous
processor power... and the expertise to design and implement
sophisticated attacks). On that basis, terms like "weak", "sufficient",
and "significantly more difficult" seem to me to beg the question.

To get down to specifics; suppose we're talking about 1990s-style
crypto-wars and symmetric algorithms. Would para. 2.9 help us to decide
whether, say, 40-bit CDMA increases the work factor sufficiently, over
unencrypted traffic, to be worth deploying? Or would we hold out for
56-bit DES?

I'm sure there's a valid principle lurking under para. 2.9, but I'm not
sure it is currently expressed explicitly enough to provide useful
guidance. Maybe that's OK... if explicit guidance is provided elsewhere
and I just haven't read it yet.

Hope this helps,
Robin


Robin Wilton

Technical Outreach Director - Identity and Privacy

On 26 Aug 2015, at 20:09, "Paul Wouters" <paul@nohats.ca> wrote:

> On Tue, 25 Aug 2015, Kathleen Moriarty wrote:
>
>> I posted a question to SAAG and would like to see where we are at on
>> consensus around a statement that keeps showing up in drafts.
>>
>> If you could take a look at my message to SAAG (and the thread) and
>> chime in there, it would be helpful to know where we are at.  I might
>> be in the rough, but I'm not so sure that I am...
>>
>> https://mailarchive.ietf.org/arch/msg/saag/PXrRghfHM-OBj2Y2TniuKptpKCs
>
> Actually, I agree with you. I do not like the use of "weaker algorithms"
> for Opportunistic Security.
>
> There is no valid reason to design anything that is "weaker" in strength
> (e.g. keysize). I think what might have been meant is "unauthenticated"
> versus "authenticated". And that also turns "weak" and "advanced"
> attacker into "passive" and "active" attackers. I think that would be
> more in line with the discussions we have had regarding opportunistic
> security. I have never heard of a proposal from anyone that said "use
> AES128 for opportunistic and AES256 for preconfigured security".
>
> Paul
>
> _______________________________________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/listinfo/perpass


From nobody Thu Aug 27 05:24:30 2015
Message-ID: <55DF0178.2020301@cs.tcd.ie>
Date: Thu, 27 Aug 2015 13:24:24 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.8.0
MIME-Version: 1.0
To: perpass <perpass@ietf.org>
References: <20150827025452.1530D18046D@rfc-editor.org>
In-Reply-To: <20150827025452.1530D18046D@rfc-editor.org>
OpenPGP: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
X-Forwarded-Message-Id: <20150827025452.1530D18046D@rfc-editor.org>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/py1WSq1hWOa5KPf8c3k7XSqkk58>
Subject: [perpass] Fwd: RFC 7619 on The NULL Authentication Method in the Internet Key Exchange Protocol Version 2 (IKEv2)
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2015 12:24:28 -0000

I think this was also initially suggested on this list, so
another loop closing ceremony is due :-)

Cheers,
S.

PS: I've not posted similarly on the DPRIVE RFC7626 as I
think starting DPRIVE was the loop closing for that, but
7626 is a fine thing as well.



-------- Forwarded Message --------
Subject: RFC 7619 on The NULL Authentication Method in the Internet Key
Exchange Protocol Version 2 (IKEv2)
Date: Wed, 26 Aug 2015 19:54:52 -0700 (PDT)
From: rfc-editor@rfc-editor.org
Reply-To: ietf@ietf.org
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
CC: ipsec@ietf.org, drafts-update-ref@iana.org, rfc-editor@rfc-editor.org

A new Request for Comments is now available in online RFC libraries.


        RFC 7619

        Title:      The NULL Authentication Method in
                    the Internet Key Exchange Protocol Version
                    2 (IKEv2)
        Author:     V. Smyslov, P. Wouters
        Status:     Standards Track
        Stream:     IETF
        Date:       August 2015
        Mailbox:    svan@elvis.ru,
                    pwouters@redhat.com
        Pages:      12
        Characters: 24593
        Updates:    RFC 4301

        I-D Tag:    draft-ietf-ipsecme-ikev2-null-auth-07.txt

        URL:        https://www.rfc-editor.org/info/rfc7619

        DOI:        http://dx.doi.org/10.17487/RFC7619

This document specifies the NULL Authentication method and the
ID_NULL Identification Payload ID Type for Internet Key Exchange
Protocol version 2 (IKEv2).  This allows two IKE peers to establish
single-side authenticated or mutual unauthenticated IKE sessions for
those use cases where a peer is unwilling or unable to authenticate
or identify itself.  This ensures IKEv2 can be used for Opportunistic
Security (also known as Opportunistic Encryption) to defend against
Pervasive Monitoring attacks without the need to sacrifice anonymity.

This document is a product of the IP Security Maintenance and Extensions
Working Group of the IETF.

This is now a Proposed Standard.

STANDARDS TRACK: This document specifies an Internet Standards Track
protocol for the Internet community, and requests discussion and suggestions
for improvements.  Please refer to the current edition of the Official
Internet Protocol Standards (https://www.rfc-editor.org/standards) for the
standardization state and status of this protocol.  Distribution of this
memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/rfc.html

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC
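
Added example (not part of the original messages, of RFC 7619's text, or of any IKE implementation): the quoted point that Opportunistic Security differs by "unauthenticated" versus "authenticated" rather than by key size, and the session types named in the RFC 7619 abstract, shown as an endpoint-side check over an already-decrypted IKE_AUTH payload chain. Function names, the sample bytes and the "passive-only" / "passive+active" labels are assumptions of this example; the payload type numbers are from RFC 7296 and value 13 for NULL Authentication and ID_NULL is from RFC 7619.

```python
import struct

# Payload types are from RFC 7296; value 13 in both registries is RFC 7619's.
IDI, IDR, AUTH = 35, 36, 39
AUTH_NULL = 13  # Authentication Method: NULL Authentication
ID_NULL = 13    # ID Type: ID_NULL


def payload(next_type, body):
    """Build one payload: Next Payload | flags | Length | body (sample data only)."""
    return struct.pack("!BBH", next_type, 0, 4 + len(body)) + body


def walk_payloads(first_type, data):
    """Yield (type, body) for each payload in a decrypted IKE_AUTH chain."""
    ptype, off = first_type, 0
    while ptype != 0:
        if off + 4 > len(data):
            raise ValueError("truncated generic payload header")
        next_type, _flags, length = struct.unpack_from("!BBH", data, off)
        if length < 4 or off + length > len(data):
            raise ValueError("bad payload length")
        yield ptype, data[off + 4:off + length]
        ptype, off = next_type, off + length


def peer_summary(first_type, data, id_payload):
    """Report the peer's claimed ID type and whether it used a non-NULL method.

    Verifying the AUTH data itself is a separate step not shown here.
    """
    id_type = method = None
    for ptype, body in walk_payloads(first_type, data):
        if ptype in (id_payload, AUTH):
            if len(body) < 4:  # type/method octet + 3 reserved octets
                raise ValueError("truncated ID or AUTH payload")
            if ptype == AUTH:
                method = body[0]
            else:
                id_type = body[0]
    if method is None:
        raise ValueError("no AUTH payload (EAP exchanges are out of scope)")
    return {"id_type": id_type, "authenticated": method != AUTH_NULL}


def classify(local_method, peer):
    """Name the session type and what the local endpoint can rule out."""
    local_auth = local_method != AUTH_NULL
    if local_auth and peer["authenticated"]:
        mode = "mutual-authenticated"
    elif local_auth or peer["authenticated"]:
        mode = "single-side-authenticated"
    else:
        mode = "mutual-unauthenticated"
    # Example policy: an unauthenticated peer leaves only passive protection.
    return mode, ("passive+active" if peer["authenticated"] else "passive-only")


# Constructed sample: responder sends IDr = ID_NULL (empty data) and NULL auth.
SAMPLE = payload(AUTH, bytes([ID_NULL, 0, 0, 0])) + \
    payload(0, bytes([AUTH_NULL, 0, 0, 0]) + bytes(32))
```

The cipher suite and key size never enter the classification; only the authentication method of each side does.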






From nobody Thu Aug 27 10:23:20 2015
Return-Path: <bortzmeyer@nic.fr>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 37E9D1B2E21 for <perpass@ietfa.amsl.com>; Thu, 27 Aug 2015 10:23:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FLhYQn36PfqP for <perpass@ietfa.amsl.com>; Thu, 27 Aug 2015 10:23:15 -0700 (PDT)
Received: from mail.bortzmeyer.org (aetius.bortzmeyer.org [IPv6:2001:4b98:dc0:41:216:3eff:fece:1902]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 02EF91B3CD9 for <perpass@ietf.org>; Thu, 27 Aug 2015 10:23:09 -0700 (PDT)
Received: by mail.bortzmeyer.org (Postfix, from userid 10) id 02D643BB59; Thu, 27 Aug 2015 19:23:07 +0200 (CEST)
Received: by mail.sources.org (Postfix, from userid 1000) id 47AB61908B4; Thu, 27 Aug 2015 19:18:57 +0200 (CEST)
Date: Thu, 27 Aug 2015 19:18:57 +0200
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: perpass@ietf.org
Message-ID: <20150827171857.GA30264@sources.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="x+6KMIRAuhnl3hBn"
Content-Disposition: inline
X-Transport: UUCP rules
X-Operating-System: Debian GNU/Linux 8.1
X-Charlie: Je suis Charlie
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/7QuYKT8JjlZ7-bVTfEfeQ26LOyQ>
Subject: [perpass] [dns-privacy] RFC 7626 on DNS Privacy Considerations
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2015 17:23:18 -0000

--x+6KMIRAuhnl3hBn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

This project started in perpass less than two years ago. Thanks to
everyone. We deliver :-)

--x+6KMIRAuhnl3hBn
Content-Type: message/rfc822
Content-Disposition: inline

Return-Path: <bortzmeyer@nic.fr>
X-Original-To: stephane@sources.org
Delivered-To: stephane@sources.org
Received: by mail.sources.org (Postfix, from userid 10)
	id 88FC5190ABF; Thu, 27 Aug 2015 19:13:09 +0200 (CEST)
Received: from mx4.nic.fr (mx4.nic.fr [192.134.4.12])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.bortzmeyer.org (Postfix) with ESMTPS id 8F5773BB51
	for <stephane@sources.org>; Thu, 27 Aug 2015 19:11:59 +0200 (CEST)
Received: from mx4.nic.fr (localhost [127.0.0.1])
	by mx4.nic.fr (Postfix) with SMTP id 8602628032D
	for <stephane@sources.org>; Thu, 27 Aug 2015 19:11:59 +0200 (CEST)
Received: from relay1.nic.fr (relay1.nic.fr [192.134.4.162])
	by mx4.nic.fr (Postfix) with ESMTP id 7F20C280314
	for <stephane@sources.org>; Thu, 27 Aug 2015 19:11:59 +0200 (CEST)
Received: from bortzmeyer.nic.fr (unknown [IPv6:2001:67c:1348:7::86:133])
	by relay1.nic.fr (Postfix) with ESMTP id 7B1684C0006
	for <stephane@sources.org>; Thu, 27 Aug 2015 19:11:29 +0200 (CEST)
Resent-From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
Resent-Date: Thu, 27 Aug 2015 19:11:29 +0200
Resent-Message-ID: <20150827171129.GA21916@nic.fr>
Resent-To: stephane@sources.org
Received: from hebe.prod-int.prive.th3.nic.fr [10.1.81.80]
	by batilda.nic.fr with IMAP (fetchmail-6.3.26)
	for <bortzmeyer@localhost> (single-drop); Thu, 27 Aug 2015 04:59:13 +0200 (CEST)
Received: from hebe.prod-int.prive.th3.nic.fr (LHLO zimbra.afnic.fr)
 (10.1.81.80) by zimbra.afnic.fr with LMTP; Thu, 27 Aug 2015 04:57:39 +0200
 (CEST)
Received: from localhost (localhost [127.0.0.1])
	by zimbra.afnic.fr (Postfix) with ESMTP id 85AFF2D7C033
	for <bortzmeyer@afnic.fr>; Thu, 27 Aug 2015 04:57:39 +0200 (CEST)
X-Spam-Flag: NO
X-Spam-Score: -3.567
X-Spam-Level: 
X-Spam-Status: No, score=-3.567 tagged_above=-10 required=6.6
	tests=[ALL_TRUSTED=-1, BAYES_00=-1.9, DKIM_SIGNED=0.1,
	DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001,
	RP_MATCHES_RCVD=-0.668] autolearn=unavailable autolearn_force=no
Authentication-Results: zimbra.afnic.fr (amavisd-new);
	dkim=pass (1024-bit key) header.d=ietf.org
Received: from zimbra.afnic.fr ([127.0.0.1])
	by localhost (zimbra.afnic.fr [127.0.0.1]) (amavisd-new, port 10032)
	with ESMTP id PurwDjpJa2fm for <bortzmeyer@afnic.fr>;
	Thu, 27 Aug 2015 04:57:39 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
	by zimbra.afnic.fr (Postfix) with ESMTP id 0EAB12D7C0D7
	for <bortzmeyer@afnic.fr>; Thu, 27 Aug 2015 04:57:39 +0200 (CEST)
X-Virus-Scanned: amavisd-new at zimbra.afnic.fr
Received: from zimbra.afnic.fr ([127.0.0.1])
	by localhost (zimbra.afnic.fr [127.0.0.1]) (amavisd-new, port 10026)
	with ESMTP id DwiI3vYqcHyE for <bortzmeyer@afnic.fr>;
	Thu, 27 Aug 2015 04:57:38 +0200 (CEST)
Received: from relay1.nic.fr (relay1.nic.fr [192.134.4.162])
	by zimbra.afnic.fr (Postfix) with ESMTP id EB5062D7C033
	for <bortzmeyer@hermes.nic.fr>; Thu, 27 Aug 2015 04:57:38 +0200 (CEST)
Received: by relay1.nic.fr (Postfix)
	id E97E24C000F; Thu, 27 Aug 2015 04:57:38 +0200 (CEST)
Received: from mx5.nic.fr (mx5.nic.fr [IPv6:2001:67c:2218:2::4:13])
	by relay1.nic.fr (Postfix) with ESMTP id E8BEC4C0006
	for <bortzmeyer@nic.fr>; Thu, 27 Aug 2015 04:57:38 +0200 (CEST)
Received: from mx5.nic.fr (localhost [127.0.0.1])
	by mx5.nic.fr (Postfix) with SMTP id E737830017F
	for <bortzmeyer@nic.fr>; Thu, 27 Aug 2015 04:57:38 +0200 (CEST)
Received: by mx5.nic.fr (Postfix, from userid 1137)
	id CD5A93002B3; Thu, 27 Aug 2015 04:57:38 +0200 (CEST)
Received: from mail.ietf.org (mail.ietf.org [IPv6:2001:1900:3001:11::2c])
	(using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client did not present a certificate)
	by mx5.nic.fr (Postfix) with ESMTPS id 67E0430017F
	for <bortzmeyer@nic.fr>; Thu, 27 Aug 2015 04:57:38 +0200 (CEST)
Received: from ietfa.amsl.com (localhost [IPv6:::1])
	by ietfa.amsl.com (Postfix) with ESMTP id 6E6241A8A4C;
	Wed, 26 Aug 2015 19:55:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1;
	t=1440644131; bh=fK329TvspnPjNIa2NldufkVlWlGdEsqCTO9+U/CfNp0=;
	h=To:From:Message-Id:Date:Cc:Subject:List-Id:List-Unsubscribe:
	 List-Archive:List-Post:List-Help:List-Subscribe:MIME-Version:
	 Content-Type:Content-Transfer-Encoding:Sender;
	b=vKdL3cGpQeM40+a59JBfaKTYC4rI7ibbnhYKbQxc4hP0pD3HuUG1TnrAKLmTocv62
	 oYwaSZFYlxvnMD/sPceV7y09R4mpR+DddW2BNo8m7uuA47p31Op7SJ1Y06kcu/HqDr
	 WlYrMpjlhUBg4cYoRHm/Q3fP7swMrn4tZUsdE32M=
X-Original-To: dns-privacy@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1])
 by ietfa.amsl.com (Postfix) with ESMTP id 319441A8A1B;
 Wed, 26 Aug 2015 19:55:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([4.31.198.44])
 by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id YPFaE1cRrI0x; Wed, 26 Aug 2015 19:55:28 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [IPv6:2001:1900:3001:11::31])
 by ietfa.amsl.com (Postfix) with ESMTP id D90C51A88B8;
 Wed, 26 Aug 2015 19:55:27 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30)
 id C8B8618046D; Wed, 26 Aug 2015 19:55:13 -0700 (PDT)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
X-PHP-Originating-Script: 1005:ams_util_lib.php
Old-From: rfc-editor@rfc-editor.org
Message-Id: <20150827025513.C8B8618046D@rfc-editor.org>
Date: Wed, 26 Aug 2015 19:55:13 -0700 (PDT)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dns-privacy/aeO8fpyX1_yvO7c13ZCr_5ovF0g>
Cc: dns-privacy@ietf.org, rfc-editor@rfc-editor.org
Old-Subject: [dns-privacy] RFC 7626 on DNS Privacy Considerations
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>,
 <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>,
 <mailto:dns-privacy-request@ietf.org?subject=subscribe>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: dns-privacy-bounces@ietf.org
Sender: "dns-privacy" <dns-privacy-bounces@ietf.org>
Subject: [dns-privacy] RFC 7626 on DNS Privacy Considerations
From: rfc-editor@rfc-editor.org

A new Request for Comments is now available in online RFC libraries.

        
        RFC 7626

        Title:      DNS Privacy Considerations 
        Author:     S. Bortzmeyer
        Status:     Informational
        Stream:     IETF
        Date:       August 2015
        Mailbox:    bortzmeyer+ietf@nic.fr
        Pages:      17
        Characters: 43202
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-ietf-dprive-problem-statement-06.txt

        URL:        https://www.rfc-editor.org/info/rfc7626

        DOI:        http://dx.doi.org/10.17487/RFC7626

This document describes the privacy issues associated with the use of
the DNS by Internet users.  It is intended to be an analysis of the
present situation and does not prescribe solutions.

This document is a product of the DNS PRIVate Exchange Working Group of the IETF.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/rfc.html

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC


_______________________________________________
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy

--x+6KMIRAuhnl3hBn--

