[Cryptography] FW: IAB Statement on Internet Confidentiality
Jay Sulzberger
jays at panix.com
Mon Nov 17 16:03:09 EST 2014
On Mon, 17 Nov 2014, alex at alten.org wrote:
> Hmm...the Reddit posting has had no responses.
>
> On a more serious note, the IAB statement below opens up a whole can of
> worms.
>
> 1. The vast bulk of the Internet protocols now and in the future already
> exist. How are we going to retrofit them or somehow deal with them? New
> secure protocols will be a tiny percentage of the installed base of insecure
> protocols.
>
> 2. You can't just encrypt/authenticate without dealing with key management,
> which adds more complexity and state to a protocol and supporting software.
> Is the IETF going to design a one-size fits all key management protocol?
>
> 3. You can't just add key management without dealing with policy
> adjudication. And you can't adjudicate without a (globally) scalable way to
> deal with the identity of humans and programs. How do we represent and store
> policy attributes and rules? Is this beyond the purview of the IAB? If so,
> whom does the IAB coordinate with?
>
> 4. You can't encrypt without dealing with legal issues, like supporting
> judicial warrants for "wire taps". We cannot ignore most (democratic?)
> societies' need to investigate crime. (I expect to get heated flame mail over
> this point.)
>
> 5. You can't successfully secure your comm links if your nodes are insecure.
> At the very least we will need to have operating systems that support
> something like a Biba integrity model for processes. And to do this we need
> some sort of Reference Monitor inside each OS. How can we do this without
> hardware support? And how do we get all the OS vendors to agree to secure
> their OS's in manner that supports these new (and retrofitted) protocols
> keying and policy needs?
>
> - Alex
ad 1: No, most new things start small.
ad 4: No, we need not negotiate with ourselves before building
and deploying stuff.
Here is one task which, if accomplished, may open a way forward:
Write and distribute a system, which two non-sysadmins can learn to
use in one full day, which provides:
A method of sending an encrypted file from the home computer of
Non-SA-A to the home computer of Non-SA-B. The system does not
require the use, at the application level, of a third party Net
connected machine.
Assumptions:
1. Non-SA-A's, and also Non-SA-B's, machine is a home machine
which sits behind a standard home router. The system may
require replacement of the home router.
2. Non-SA-A and Non-SA-B have met and exchanged some pieces of
paper, before the first transmission.
Lack of Objective: The system should not defend againt traffic
analysis.
I just now attempted to find a piece by John Walker, from about
twenty years ago, explaining the difficulty of traversing NAT in
order to make a home computer to home computer VOIP system. I
think this is the piece, though it is about more than just NAT
and home computer telephony:
http://www.fourmilab.ch/documents/digital-imprimatur/
oo--JS.
>
>
> Quoting ianG <iang at iang.org>:
>
>> For what it is worth, I twittered the below statement last night, and it
>> got 2 orders of magnitude more response than anything I've ever said. I
>> conclude that the IAB's statement has struck a public nerve; there is clear
>> approval in the public's mind.
>>
>> iang
>>
>> ps; I submit that this is a sensible top-post ;)
>>
>>
>> On 14/11/2014 13:46 pm, Salz, Rich wrote:
>>>
>>> -----Original Message-----
>>> From: IAB Chair [mailto:iab-chair at iab.org]
>>> Sent: Friday, November 14, 2014 4:26 AM
>>> To: IETF Announce
>>> Cc: IAB; IETF
>>> Subject: IAB Statement on Internet Confidentiality
>>>
>>> Please find this statement issued by the IAB today.
>>>
>>> On behalf of the IAB,
>>> Russ Housley
>>> IAB Chair
>>>
>>> = = = = = = = = = = = = =
>>>
>>> IAB Statement on Internet Confidentiality
>>>
>
> --
> Alex Alten
> alex at alten.org
>
More information about the cryptography
mailing list