<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<style type="text/css" style="display:none"><!--P{margin-top:0;margin-bottom:0;} .ms-cui-menu {background-color:#ffffff;border:1px rgb(171, 171, 171) solid;font-family:"Segoe UI WPC","Segoe UI",Tahoma,"Microsoft Sans Serif",Verdana,sans-serif;font-size:10pt;color:rgb(51, 51, 51);} .ms-cui-menusection-title {display:none;} .ms-cui-ctl {vertical-align:text-top;text-decoration:none;color:rgb(51, 51, 51);} .ms-cui-ctl-on {background-color:rgb(223, 237, 250);opacity: 0.8;} .ms-cui-img-cont-float {display:inline-block;margin-top:2px} .ms-cui-smenu-inner {padding-top:0px;} .ms-owa-paste-option-icon {margin: 2px 4px 0px 4px;vertical-align:sub;padding-bottom: 2px;display:inline-block;} .ms-rtePasteFlyout-option:hover {background-color:rgb(223, 237, 250) !important;opacity:1 !important;} .ms-rtePasteFlyout-option {padding:8px 4px 8px 4px;outline:none;} .ms-cui-menusection {float:left; width:85px;height:24px;overflow:hidden}--></style>
</head>
<body>
<div style="font-size:12pt;color:#000000;background-color:#FFFFFF;font-family:Calibri,Arial,Helvetica,sans-serif;">
<p>FYI,</p>
<p><br>
</p>
<p>IAB requests comments on pervasive surveillance mitigation.</p>
<p><br>
</p>
<p>Lee<br>
</p>
<p><br>
</p>
<div style="color: #282828;">
<hr tabindex="-1" style="display: inline-block; width: 98%;">
<div dir="ltr" id="divRplyFwdMsg"><font face="Calibri, sans-serif" color="#000000" style="font-size: 11pt;"><b>From:</b> Dave Farber via ip <ip@listbox.com><br>
<b>Sent:</b> Tuesday, October 7, 2014 5:54 PM<br>
<b>To:</b> ip<br>
<b>Subject:</b> [IP] IAB soliciting comments on mitigation of pervasive surveillance:</font>
<div> </div>
</div>
<div>
<div class="gmail_quote">---------- Forwarded message ----------<br>
From: "Mike Liebhold" <<a href="mailto:mnl@well.com">mnl@well.com</a>><br>
Date: Oct 7, 2014 5:38 PM<br>
Subject: IAB soliciting comments on mitigation of pervasive surveillance:<br>
To: "Dewayne Hendricks" <<a href="mailto:dewayne@warpspeed.com">dewayne@warpspeed.com</a>>, "Dave Farber" <<a href="mailto:dave@farber.net">dave@farber.net</a>><br>
Cc: <br>
<br type="attribution">
<div bgcolor="#FFFFFF">Hi Dewayne and Dave,<br>
<br>
The Inernet Architecture Board is soliciting comments on two drafts that may be of interested in:<br>
<br>
Pervasive Attack: A Threat Model and Problem Statement <br>
<a target="_blank" href="https://tools.ietf.org/html/draft-barnes-pervasive-problem-01">https://tools.ietf.org/html/draft-barnes-pervasive-problem-01</a><br>
<br>
"Documents published in 2013 have revealed several classes of "pervasive" attack on Internet communications. In this document, we review the main attacks that have been published, and develop a threat model that describes these pervasive attacks. Based on
this threat model, we discuss the techniques that can be employed in Internet protocol design to increase the protocols robustness to pervasive attacks." [snip]<br>
<br>
Confidentiality in the Face of Pervasive Surveillance: A Threat Model and Problem Statement<br>
<a target="_blank" href="https://tools.ietf.org/html/draft-iab-privsec-confidentiality-threat-00">https://tools.ietf.org/html/draft-iab-privsec-confidentiality-threat-00</a><br>
<br>
"Documents published in 2013 have revealed several classes of "pervasive" attack on Internet communications. In this document we develop a threat model that describes these pervasive attacks. We start by assuming a completely passive adversary with an interest
in indiscriminate eavesdropping that can observe network traffic, then expand the threat model with a set of verified attacks that have been published. Based on this threat model, we discuss the techniques that can be employed in Internet protocol design
to increase the protocols robustness to pervasive attacks." [snip]<br>
<br>
<br>
<br>
-------- Original Message --------<br>
Subject: Re: [perpass] IAB security/privacy programme PM draft<br>
Date: Tue, 07 Oct 2014 12:35:17 -0400<br>
From: Joseph Lorenzo Hall <a target="_blank" href="mailto:joe@cdt.org"><joe@cdt.org></a><br>
To: <a target="_blank" href="mailto:perpass@ietf.org">perpass@ietf.org</a><br>
<br>
<br>
-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA256<br>
<br>
As the showrunner for the confidentiality effort in the IAB privacy<br>
and security program, please do share your feedback with us. We are<br>
also contemplating a companion document on mitigations for the threats<br>
outlined in the threat model.<br>
<br>
best, Joe<br>
<br>
On 9/15/14, 10:56 AM, Stephen Farrell wrote:<br>
> <br>
> Hi all,<br>
> <br>
> Richard and a few folks started work on documenting a problem <br>
> statement [1] some time ago. As I think was stated here before it<br>
> seems like a good plan for that to be progressed as part of the<br>
> IAB's re-factored security/privacy programme. So Brian Trammell has<br>
> picked up the pen and pushed out [2].<br>
> <br>
> Comments very welcome (I've still to read it myself so will send my<br>
> comments here too when I've had a chance),<br>
> <br>
> Cheers, S.<br>
> <br>
> <br>
> [1] <a target="_blank" href="http://tools.ietf.org/html/draft-barnes-pervasive-problem">
http://tools.ietf.org/html/draft-barnes-pervasive-problem</a> [2]<br>
> <a target="_blank" href="https://tools.ietf.org/html/draft-iab-privsec-confidentiality-threat">
https://tools.ietf.org/html/draft-iab-privsec-confidentiality-threat</a><br>
><br>
> _______________________________________________ perpass mailing<br>
> list <a target="_blank" href="mailto:perpass@ietf.org">perpass@ietf.org</a> <br>
> <a target="_blank" href="https://www.ietf.org/mailman/listinfo/perpass">https://www.ietf.org/mailman/listinfo/perpass</a><br>
> <br>
<br>
- -- <br>
Joseph Lorenzo Hall<br>
Chief Technologist<br>
Center for Democracy & Technology<br>
1634 I ST NW STE 1100<br>
Washington DC 20006-4011<br>
(p) <a target="_blank" value="+12024078825" href="tel:202-407-8825">202-407-8825</a><br>
(f) <a target="_blank" value="+12026370968" href="tel:202-637-0968">202-637-0968</a><br>
<a target="_blank" href="mailto:joe@cdt.org">joe@cdt.org</a><br>
PGP: <a target="_blank" href="https://josephhall.org/gpg-key">https://josephhall.org/gpg-key</a><br>
fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871<br>
<br>
<br>
-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v1.4.13 (Darwin)<br>
<br>
iQIcBAEBCAAGBQJUNBZEAAoJEF+GaYdAqahxrEsP/28vDnQatU/cplFLiWz9+Xda<br>
8lscV2uhxEaQYHgy4wvsd03vgfFCE/RfG7AwX8h1+S7XDUg27GpUHLPeXJesF6cy<br>
WOSnzYN6K/WmDMn8AKYv+/FDYf6JdB5yc0zmiivAbOTDwsi6LTbRMvwRhMyUXlEM<br>
OeZlbZz5GkyMmDccUNSjS6B8WrGnxilnQX07c7bRgeq9DR5DB8QwaRsg66Z757Bi<br>
vSqDAG/87aKU8Pov5gRRHNY9QskOneuFWEIOO4pl+eqodx3c45Lyx7Ain7vjy/nO<br>
l92FTyOyf47I99vWWyrit/KBPImxNFnP2txZu1WuWXz/yNYCKxrOMiTdIycjVwVK<br>
7jpfcAtC7IB11+nMTy4xNl4kzRBcZnCXVaWhZ+b+5/SuZX4qKrwB4YeFlQQKJXXY<br>
+F9XeG1MAjaF4qmNFeLsIUO0wadRXQ23RSlKfDqNe8s+Y2BsvoUepzxmsbSsJCJ0<br>
NAGEGNqBnwXQwbaJO9MtTU0RzXbe1KzJw26eHY5/nfCBfyn2hYw9TjzH0cmAOOXX<br>
IcxVYBfJLu/tUNvxtpaPhlu3yvzcU99KxdjLpBsD/wOk4mfblg9AAZiwxXdq5k7+<br>
nCSPz+CodE2OWt7UsqdCIdBiW/yaC2qnLcnMw197lRxJnDwE2NrbQx72AQAd6u9Z<br>
ndxTiZ7dEsIuOJE0OCaL<br>
=4SpJ<br>
-----END PGP SIGNATURE-----<br>
<br>
_______________________________________________<br>
perpass mailing list<br>
<a target="_blank" href="mailto:perpass@ietf.org">perpass@ietf.org</a><br>
<a target="_blank" href="https://www.ietf.org/mailman/listinfo/perpass">https://www.ietf.org/mailman/listinfo/perpass</a><br>
<br>
<br>
</div>
</div>
<div bgcolor="#ffffff" style="width: auto; margin: 0px; padding: 5px; background-color: #ffffff; clear: both; border-top: 1px solid #cccccc;">
<table cellspacing="0" cellpadding="0" width="100%" border="0" bgcolor="#ffffff" style="background-color: #ffffff;">
<tbody>
<tr>
<td><font color="#333333" size="1" style="font-family: helvetica,sans-serif;"><a title="Go to archives for ip" href="https://www.listbox.com/member/archive/247/=now" style="text-decoration: none; color: #669933; border-bottom: 1px solid #444444;">Archives</a>
<a title="RSS feed for ip" href="https://www.listbox.com/member/archive/rss/247/8923115-8446eb07" border="0" style="text-decoration: none; color: #669933;">
<img border="0" alt="" src="https://www.listbox.com/images/feed-icon-10x10.jpg"></a> |
<a href="https://www.listbox.com/member/?member_id=8923115&id_secret=8923115-86ed04cc" style="text-decoration: none; color: #669933; border-bottom: 1px solid #444444;">
Modify</a> Your Subscription | <a href="https://www.listbox.com/unsubscribe/?member_id=8923115&id_secret=8923115-e899f1f0&post_id=20141007175433:84064986-4E6C-11E4-B4BD-961C92A489B0" style="text-decoration: none; color: #669933; border-bottom: 1px solid #444444;">
Unsubscribe Now</a> </font></td>
<td valign="top" align="right"><a href="http://www.listbox.com/" style="border-bottom: medium none;"><img border="0" title="Powered by Listbox" alt="" src="https://www.listbox.com/images/listbox-logo-small.png"></a></td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
</body>
</html>