Re: [saag] Is opportunistic unauthenticated encryption a waste of time?

On Fri, Aug 22, 2014 at 07:13:54PM -0700, Bernard Aboba wrote:

The first assertion, is likely to
be proven false by the first gear to include built-in
man-in-the-middle attack support.  Care to wager which appears
first, carrier-class gear supporting man-in-the-middle attacks, or
significant deployment of "opportunistic" encryption?


This assumes that the telecom carriers and/or the suppliers of the
carrier grade equipment would cooperate with the nation-states in
question.  That could happen, certainly, but it becomes much more
difficult to do this surreptitiously.

This won't help in a totalitarian regime, certainly, but in democratic
societies having law enforcement agencies engaging in mass,
surreptitious surveilance might be less likely to be tolerated.

Cheers,

                                                        - Ted

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment), (continued) Re: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment), Phillip Hallam-Baker Re: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment), Viktor Dukhovni RE: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment), l.wood Re: [saag]: Review of: Opportunistic Security -03 preview for comment, Viktor Dukhovni Re: [saag]: Review of: Opportunistic Security -03 preview for comment, Paul Wouters Re: [saag] : Review of: Opportunistic Security -03 preview for comment, Stephen Kent Re: [saag] Adept Encryption: Was: DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment), Nico Williams RE: [saag] Adept Encryption: Was: DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment), l.wood Re: [saag] Is opportunistic unauthenticated encryption a waste of time?, Viktor Dukhovni RE: [saag] Is opportunistic unauthenticated encryption a waste of time?, Bernard Aboba Re: [saag] Is opportunistic unauthenticated encryption a waste of time?, Theodore Ts'o <= RE: [saag] Is opportunistic unauthenticated encryption a waste of time?, Christian Huitema Re: [saag] Is opportunistic unauthenticated encryption a waste of time?, Nico Williams RE: [saag] Is opportunistic unauthenticated encryption a waste of time?, Bernard Aboba Re: [saag] Is opportunistic unauthenticated encryption a waste of time?, Stephen Farrell RE: [saag] Is opportunistic unauthenticated encryption a waste of time?, Bernard Aboba Re: [saag] Is opportunistic unauthenticated encryption a waste of time?, Stephen Farrell Message not available Re: Is traffic analysis really a target (was Re: [saag] Is opportunistic unauthenticated encryption a waste of time?), Eric Burger Re: Is traffic analysis really a target (was Re: [saag] Is opportunistic unauthenticated encryption a waste of time?), Michael StJohns Re: Is traffic analysis really a target (was Re: [saag] Is opportunistic unauthenticated encryption a waste of time?), Brian E Carpenter Re: Is traffic analysis really a target (was Re: [saag] Is opportunistic unauthenticated encryption a waste of time?), Ted Hardie