Tom: The fundamental task for the IETF is not to force privacy on
everyone, but to make sure that they have the choice. Even where the
IETF thinks something should be mandatory to deploy, that doesn't have
to mean crypto.
Scott
On Fri, Dec 6, 2013 at 4:31 AM, t.p. <daedulus(_at_)btconnect(_dot_)com> wrote:
I oppose publication of this I-D by the IETF.
The point has already been that better defences against monitoring
likely means greater use of encryption and encryption is at times
harmful. Two examples come immediately to mind.
Not long ago, a capital city was subject to riots which were more
extensive, and went on for longer, than might have been expected.
Afterwards, the police explained that they had lacked the intelligence
that they usually had, that the organisers of the riots had been using
encryption to communicate and that the police had been unable to crack
their messages. (I understand that the manufacturers of the devices in
question had declined to help the civil power). And yes, that capital
city is where the IETF will meet next March. (The probabliity of you
being caught up in a riot then is very small but if you are, recall that
encryption has made it worse).
Secondly, a few days ago, there was a report of the user of a well-known
brand of TV finding that the TV set was monitoring his behaviour, not
just what he watched but anything else that he did with the TV, such as
loading pen drives and viewing pictures, and passing that data back to
the manufacturer. The report said that the user was Internet aware,
realised that the traffic patterns did not correspond to his usage and
could intercept the traffic and see what was happening (passive
monitoring? MITM attack?). I do not know whether the data was in the
clear or whether the encryption was weak enough to be cracked but if it
had been strong, then the user could not have found out what he did; and
the manufacturer might be fobbing us off with a story about gathering
environmental data, such as the rate of wear of the silicon, in order to
reduce the set's contribution to global warming.
One future posited for IPv6 is that every device with power - cars,
washing machines, hair dryers etc - will be Internet connected and so,
potentially, will act as that TV did; and when they use strong
encryption, we will unable to tell what they are doing.
Encryption has its dangers and the IETF should not be encouraging its
widespread adoption.
Tom Petch
----- Original Message -----
From: "Jari Arkko" <jari(_dot_)arkko(_at_)piuha(_dot_)net>
To: <ietf(_at_)ietf(_dot_)org>
Sent: Wednesday, December 04, 2013 4:45 AM
Subject: Re: Last Call: <draft-farrell-perpass-attack-02.txt> (Pervasive
Monitoring is an Attack) to Best Current Practice
I wanted to draw your attention on this last call:
The IESG has received a request from an individual submitter to
consider
the following document:
- 'Pervasive Monitoring is an Attack'
<draft-farrell-perpass-attack-02.txt> as Best Current Practice
http://datatracker.ietf.org/doc/draft-farrell-perpass-attack/
It is a short read and important, so please comment. The last call ends
in four weeks and covers holiday time, but we'll deal with this document
on the January 9th telechat in the IESG, so in practice there should be
enough time to comment.
I would like to see this document as a high-level policy we have on
dealing with this particular type of vulnerabilities in the Internet. A
little bit like RFC 3365 "Danvers Doctrine" was on weak vs. strong
security. Please remember that the details and tradeoffs for specific
solutions are for our WGs to consider and not spelled out here. The
draft does say "where possible" - I do not want to give the impression
that our technology can either fully prevent all vulnerabilities or do
it in all situations. There are obviously aspects that do not relate to
communications security (like access to content by your peer) and there
are many practical considerations that may not make it possible to
provide additional privacy protection even when we are talking about the
communications part. But I do believe we need to consider these
vulnerabilities and do our best.
Jari