ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [saag] Is opportunistic unauthenticated encryption a waste of time?

2014-08-24 15:43:04
from [joel jaeggli] [Permanent Link] 
On 8/24/14 7:10 AM, Fernando Gont wrote:

On 08/23/2014 06:05 PM, Bernard Aboba wrote:



However, say we're wrong and someone who thinks OS is a waste
of time is actually correct, what would such a person recommend
that we do as well as, or instead of, OS?


[BA] It depends on who we are trying to protect, and from what (or whom).  

If the target is protection of dissidents from oppressive regimes, then
you need something much more comprehensive than 'unauthenticated
opportunistic encryption" (e.g. along the lines of Tor). 


It is quite often the case that, under oppressive regimes, using
encryption technology will already flag you as "suspect" (if not
"guilty"). So in that case, you'd probably want to use something
probably want something more like a cover channel in those scenarios.


it's already implausible in many cases  to seperate the sheep from the
goats.

When was the last time you did a google search or accessed a twitter
feed in the clear?


Cheers,

Attachment: signature.asc
Description: OpenPGP digital signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Is traffic analysis really a target (was Re: [saag] Is opportunistic unauthenticated encryption a waste of time?), Brian E Carpenter
Next by Date:  Re: [saag] Is opportunistic unauthenticated encryption a waste of time?, Fernando Gont
Previous by Thread:  Re: [saag] Is opportunistic unauthenticated encryption a waste of time?, Dave Crocker
Next by Thread:  Re: [saag] Is opportunistic unauthenticated encryption a waste of time?, Fernando Gont
Indexes:  [Date] [Thread] [Top] [All Lists]