[governance] FW: [IP] IAB soliciting comments on mitigation of pervasive surveillance:

Wed Oct 8 10:39:16 EDT 2014

FYI,

IAB requests comments on pervasive surveillance mitigation.

Lee

________________________________
From: Dave Farber via ip <ip at listbox.com>
Sent: Tuesday, October 7, 2014 5:54 PM
To: ip
Subject: [IP] IAB soliciting comments on mitigation of pervasive surveillance:

---------- Forwarded message ----------
From: "Mike Liebhold" <mnl at well.com<mailto:mnl at well.com>>
Date: Oct 7, 2014 5:38 PM
Subject: IAB soliciting comments on mitigation of pervasive surveillance:
To: "Dewayne Hendricks" <dewayne at warpspeed.com<mailto:dewayne at warpspeed.com>>, "Dave Farber" <dave at farber.net<mailto:dave at farber.net>>
Cc:

Hi Dewayne and Dave,

The Inernet Architecture Board is  soliciting comments on two drafts that  may be of interested in:

Pervasive Attack: A Threat Model and Problem Statement
https://tools.ietf.org/html/draft-barnes-pervasive-problem-01

"Documents published in 2013 have revealed several classes of "pervasive" attack on Internet communications.  In this document, we review the main attacks that have been published, and develop a  threat model that describes these pervasive attacks.  Based on this  threat model, we discuss the techniques that can be employed in Internet protocol design to increase the protocols robustness to pervasive attacks." [snip]

Confidentiality in the Face of Pervasive Surveillance: A Threat Model and Problem Statement
https://tools.ietf.org/html/draft-iab-privsec-confidentiality-threat-00

"Documents published in 2013 have revealed several classes of "pervasive" attack on Internet communications.  In this document we develop a threat model that describes these pervasive attacks.  We start by assuming a completely passive adversary with an interest in indiscriminate eavesdropping that can observe network traffic, then expand the threat model with a set of verified attacks that have been published.  Based on this threat model, we discuss the techniques that can be employed in Internet protocol design to increase the  protocols robustness to pervasive attacks." [snip]

-------- Original Message --------
Subject:     Re: [perpass] IAB security/privacy programme PM draft
Date:     Tue, 07 Oct 2014 12:35:17 -0400
From:     Joseph Lorenzo Hall <joe at cdt.org><mailto:joe at cdt.org>
To:     perpass at ietf.org<mailto:perpass at ietf.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

As the showrunner for the confidentiality effort in the IAB privacy
and security program, please do share your feedback with us. We are
also contemplating a companion document on mitigations for the threats
outlined in the threat model.

best, Joe

On 9/15/14, 10:56 AM, Stephen Farrell wrote:
>
> Hi all,
>
> Richard and a few folks started work on documenting a problem
> statement [1] some time ago. As I think was stated here before it
> seems like a good plan for that to be progressed as part of the
> IAB's re-factored security/privacy programme. So Brian Trammell has
> picked up the pen and pushed out [2].
>
> Comments very welcome (I've still to read it myself so will send my
> comments here too when I've had a chance),
>
> Cheers, S.
>
>
> [1] http://tools.ietf.org/html/draft-barnes-pervasive-problem [2]
> https://tools.ietf.org/html/draft-iab-privsec-confidentiality-threat
>
>  _______________________________________________ perpass mailing
> list perpass at ietf.org<mailto:perpass at ietf.org>
> https://www.ietf.org/mailman/listinfo/perpass
>

- --
Joseph Lorenzo Hall
Chief Technologist
Center for Democracy & Technology
1634 I ST NW STE 1100
Washington DC 20006-4011
(p) 202-407-8825<tel:202-407-8825>
(f) 202-637-0968<tel:202-637-0968>
joe at cdt.org<mailto:joe at cdt.org>
PGP: https://josephhall.org/gpg-key
fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (Darwin)

iQIcBAEBCAAGBQJUNBZEAAoJEF+GaYdAqahxrEsP/28vDnQatU/cplFLiWz9+Xda
8lscV2uhxEaQYHgy4wvsd03vgfFCE/RfG7AwX8h1+S7XDUg27GpUHLPeXJesF6cy
WOSnzYN6K/WmDMn8AKYv+/FDYf6JdB5yc0zmiivAbOTDwsi6LTbRMvwRhMyUXlEM
OeZlbZz5GkyMmDccUNSjS6B8WrGnxilnQX07c7bRgeq9DR5DB8QwaRsg66Z757Bi
vSqDAG/87aKU8Pov5gRRHNY9QskOneuFWEIOO4pl+eqodx3c45Lyx7Ain7vjy/nO
l92FTyOyf47I99vWWyrit/KBPImxNFnP2txZu1WuWXz/yNYCKxrOMiTdIycjVwVK
7jpfcAtC7IB11+nMTy4xNl4kzRBcZnCXVaWhZ+b+5/SuZX4qKrwB4YeFlQQKJXXY
+F9XeG1MAjaF4qmNFeLsIUO0wadRXQ23RSlKfDqNe8s+Y2BsvoUepzxmsbSsJCJ0
NAGEGNqBnwXQwbaJO9MtTU0RzXbe1KzJw26eHY5/nfCBfyn2hYw9TjzH0cmAOOXX
IcxVYBfJLu/tUNvxtpaPhlu3yvzcU99KxdjLpBsD/wOk4mfblg9AAZiwxXdq5k7+
nCSPz+CodE2OWt7UsqdCIdBiW/yaC2qnLcnMw197lRxJnDwE2NrbQx72AQAd6u9Z
ndxTiZ7dEsIuOJE0OCaL
=4SpJ
-----END PGP SIGNATURE-----

_______________________________________________
perpass mailing list
perpass at ietf.org<mailto:perpass at ietf.org>
https://www.ietf.org/mailman/listinfo/perpass

Archives<https://www.listbox.com/member/archive/247/=now> [https://www.listbox.com/images/feed-icon-10x10.jpg] <https://www.listbox.com/member/archive/rss/247/8923115-8446eb07>  | Modify<https://www.listbox.com/member/?member_id=8923115&id_secret=8923115-86ed04cc> Your Subscription | Unsubscribe Now<https://www.listbox.com/unsubscribe/?member_id=8923115&id_secret=8923115-e899f1f0&post_id=20141007175433:84064986-4E6C-11E4-B4BD-961C92A489B0>     [https://www.listbox.com/images/listbox-logo-small.png] <http://www.listbox.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.igcaucus.org/pipermail/governance/attachments/20141008/8d262237/attachment.htm>
-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.igcaucus.org
To be removed from the list, visit:
     http://www.igcaucus.org/unsubscribing

For all other list information and functions, see:
     http://lists.igcaucus.org/info/governance
To edit your profile and to find the IGC's charter, see:
     http://www.igcaucus.org/

Translate this email: http://translate.google.com/translate_t