[AusNOG] Consensus from the IETF 88 Technical Plenary - Internet hardening

Dobbins, Roland rdobbins at arbor.net
Fri Nov 8 18:56:46 EST 2013 

[This came in prior to my previous reply, so that's why I'm responding to it, and to clarify my positions.]

On Nov 8, 2013, at 1:56 PM, David Miller <dmiller at tiggee.com> wrote:

> If your argument is "Everything must be in the clear or we can't stop the bad guys.", then you probably won't find a lot of support for that
> position.

That isn't my argument at all.  My argument is that a) encrypting things by default when there's no need to do so can be harmful, so pushing for that doesn't make sense, and b) thinking that the IETF is going to accomplish anything which will prevent pervasive governmental surveillance is naive.

> The only way right now.  Arbor has a lot of smart folks.  I have faith in you to find a solution. :-)

We're somewhat constrained by the nature of TCP/IP.

;>

> A solvable issue - see any organization with a large base of infrastructure (that doesn't fall over regularly - I'm not saying that
> everyone has solved it, just that it can be solved).

It isn't a solved issue at all - cryptosystems are regularly penetrated via these vectors.  We're not talking about availability.

> Clearly they were getting some data from the endpoints,

Sure - for some endpoints.

> and clearly they weren't getting everything they wanted from the endpoints.

No - the mass surveillance is intended to obviate the need for going to the endpoints, in most circumstances.

>  Thus they were/are groping inter-DC traffic from some organizations that we know were providing data (of some sort) from their endpoints.

We don't know which came first.  Target suitability and various other externalities played a role, I'm sure.

> If your contention that they can get all they want from the endpoints were true, then they wouldn't have needed to snoop fiber (not
> snooping fiber would have been even cheaper and easier).

Again, that isn't the case.  From their standpoint, it's an economy of scale.

> I will also point out that we now know that the NSA (and likely other agencies of the same ilk) deliberately weakened some crypto.  If crypto
> were useless, then why weaken it?

Economies of scale.

> Obviously, I am all for more expensive and harder.

That makes sense in most contexts.  In the extreme asymmetry of this context, however, it doesn't make sense, because nothing you can do will save you (or your data).

> Political solutions have a limited area of influence.

So, you work within your area of influence to push for the situationally-appropriate protections against both foreign and domestic pervasive surveillance  taking within your area of influence, and I'll do the same in mine.
> 
> Suppose that all nations of the world agreed not to collect data without probable cause and judicial oversight, would anyone "trust" that?

I'm unconcerned with what nations other than my own do in regards to their own polities.  I'm very much concerned with what my nation does within its own polity and to other polities, and with what other governments do within the polity of my government.

> You just seem to be proposing that any other data that I might pass over the internet is not important and does not need to be protected in
> any manner -and- that protocols not be expanded to even give me the option of protecting data that I might want to keep private in flight.

Strawman #2.  I don't care what you choose to encrypt or to send en clair.  What I care about is baking default encryption into technical standards in cases where it won't achieve the desired effect, and will result in many undesirable effectgs.

> Quite true, now.  The IETF consensus is, unless I missed the point, that encryption needs to be worked into existing protocols and required/strongly suggested in any new protocols.

It's the second half of that statement that worries me.  'Required' in terms of capability, I'm all for that.  'Required' in terms of always-on is necessary for deployment, I'm against that.

> Perhaps you could provide your definition of 'social ills', so we can both use the same definition.

Societal problems.  

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton

More information about the AusNOG mailing list