IETF
saag
saag@jabber.ietf.org
Thursday, March 26, 2015< ^ >
bortzmeyer has set the subject to: SAAG at IETF91: https://datatracker.ietf.org/meeting/91/agenda/saag/
Room Configuration
Room Occupants

GMT+0
[13:16:15] bortzmeyer joins the room
[13:19:51] bortzmeyer leaves the room: Replaced by new connection
[13:39:35] bortzmeyer joins the room
[14:30:15] bortzmeyer leaves the room
[14:31:37] bortzmeyer joins the room
[15:04:15] bortzmeyer leaves the room: Replaced by new connection
[15:04:16] bortzmeyer joins the room
[15:09:39] bortzmeyer leaves the room: Replaced by new connection
[15:09:41] bortzmeyer joins the room
[15:10:56] bortzmeyer leaves the room
[15:10:58] bortzmeyer joins the room
[15:59:47] bortzmeyer leaves the room: Replaced by new connection
[15:59:47] bortzmeyer joins the room
[16:26:48] bortzmeyer leaves the room
[16:28:38] bortzmeyer joins the room
[17:01:23] bortzmeyer leaves the room
[17:03:34] bortzmeyer joins the room
[17:45:09] Dan York 2 joins the room
[17:53:32] kaduk joins the room
[17:56:01] Meetecho joins the room
[17:57:25] Dan York joins the room
[17:58:25] ∮∮∮ joins the room
[17:58:46] hallam joins the room
[17:58:47] wseltzer joins the room
[17:58:59] Dan York leaves the room
[17:59:04] smemery joins the room
[17:59:25] Dan York joins the room
[17:59:53] Brad Hill joins the room
[18:00:45] Valery Smyslov joins the room
[18:01:12] Magnus Westerlund joins the room
[18:01:13] Aaron Zauner joins the room
[18:01:34] Kathleen Moriarty joins the room
[18:01:55] Jim Bieda joins the room
[18:01:59] <kaduk> triple-path-integral: isn't there a dedicated code point for three-dimensional surface integral that would be more meaningful?
[18:02:01] <hallam> Stephen Farrell at the Mic
[18:02:46] <hallam> wg reports
[18:03:17] <Dan York 2> DANE did me
[18:03:20] <Dan York 2> t
[18:03:53] Jim Fenton joins the room
[18:04:18] Yoav Nir joins the room
[18:04:18] Jonathan Lennox joins the room
[18:05:03] marco@nl joins the room
[18:05:06] Dan Wing joins the room
[18:05:14] dkg joins the room
[18:05:30] Yoav Nir has set the subject to: SAAG at IETF92: https://datatracker.ietf.org/meeting/92/agenda/saag/
[18:05:49] Samuel Weiler joins the room
[18:05:58] Mike Baer joins the room
[18:06:43] Magnus Westerlund_5935 joins the room
[18:06:43] Shaun Cooley joins the room
[18:06:57] Mike Jones joins the room
[18:07:13] rbarnes joins the room
[18:07:21] <hallam> and now with SPUD we have FOUR!
[18:08:00] <Mike Jones> DNSOPS was mostly about DNSSEC deployment
[18:08:04] C Peters joins the room
[18:08:40] m&m joins the room
[18:08:40] <hallam> Sandy murphy at the mic
[18:08:45] <rbarnes > DNSOP also had .onion discussion, generally pretty supportive
[18:09:08] <Mike Jones> CIDR protocol document in last call.  Some substantive issues were found.
[18:10:09] <Mike Jones> Kenny Patterson reported that CFRG was very well attended
[18:10:22] <Mike Jones> Topic 1 was EC crypto - good consensus developing
[18:10:24] <rbarnes > kenny reports that CFRG needs a bigger room next time :)
[18:10:27] <Mike Jones> Update on SCRYPT
[18:10:29] <Mike Jones> PAKE
[18:11:45] satoru.kanno@jabber.org joins the room
[18:11:54] <Mike Jones> Richard Barnes reported that the ACME BoF was well attended
[18:12:05] <Mike Jones> There appeared to be support with pursing work
[18:12:20] <Mike Jones> Stephen said that there should be a WG in a few months
[18:12:52] <Mike Jones> DIME is looking for crypto help
[18:13:53] <Mike Jones> Derek Atkins reported that a bunch of OpenPGP participants met
[18:13:59] <Mike Jones> Not clear what the next steps are for this
[18:14:29] <Mike Jones> MNot reports that there was a Monday bar BoF for captive portals
[18:14:38] <Mike Jones> Mailing list captive-portals@
[18:14:57] <Mike Jones> Possible new DHCP option for identifying captive portals
[18:15:41] <Mike Jones> TLS VPN discussion happened last night
[18:15:47] <Mike Jones> They may ask Stephen for a mailing list
[18:16:04] <Mike Jones> All over the place on what TLS VPNs mean
[18:16:24] <Mike Jones> Gabriel - Side meeting on security problems related to IoT
[18:16:37] <Mike Jones> Pavilion room at 8pm
[18:16:44] <Mike Jones> For IoT and Security interests
[18:17:21] Sean Turner joins the room
[18:17:34] Matt Tooley joins the room
[18:17:54] <Mike Jones> Kathleen reporting on Pervasive Monitoring draft
[18:18:16] <Mike Jones> Work in many WGs - IPsecMe, UTA, TLS
[18:18:17] <Dan York 2> Who was the person talking about the IoT and Security meeting?
[18:18:35] <Mike Jones> Kathleen asking for participation
[18:18:54] Adam Montville joins the room
[18:19:00] <smemery> Dan: Montenegro I believe.
[18:19:09] Cullen Jennings joins the room
[18:19:20] <Mike Jones> Gabriel Montenegro at Microsoft
[18:19:25] <Dan York 2> thanks
[18:19:37] <hallam> Prefix comments to the mic with 'mic'
[18:19:42] <Mike Jones> Natasha Reed at GSMA thanked us for the pervasive monitoring work
[18:19:49] <∮∮∮> Rooney
[18:20:15] <Mike Jones> Presentation by Joe Bonneau starting
[18:20:44] <Mike Jones> Title "HSTS and HPKP in practice"
[18:21:08] wilma joins the room
[18:21:15] <Mike Jones> Will describe bugs in HSTS and pinning
[18:21:31] <Mike Jones> Trying to prevent HTTPS stripping by men in the middle
[18:22:03] <Mike Jones> STS is Strict Transport Security
[18:22:03] Mark Nottingham joins the room
[18:22:39] <Mike Jones> Some browsers now pre-load a list of HTTPS only sites
[18:22:48] Peter Koch joins the room
[18:22:52] marco@nl leaves the room: Replaced by new connection
[18:23:04] marco@nl joins the room
[18:23:09] Cullen Jennings leaves the room
[18:23:16] <rbarnes > PSA: if you would like to be pre-loaded, contact me or AGL
[18:23:41] <Mike Jones> Next level of defense against adversaries with a CA compromise in their toolkit
[18:23:50] <Dan York 2> rbarnes: Good to know
[18:23:54] <Mike Jones> Users won't detect rogue certificates
[18:24:12] <hallam> Hmm... shouldn't we use CAA for this???
[18:24:12] <Mike Jones> Key pinning the solution
[18:24:26] <Mike Jones> Client learns a pinset for a given domain
[18:24:37] <rbarnes > hallam: i seem to recall some pretty emphatic statements in the CAA spec that it is not for client consumption :)
[18:24:48] <hallam> Rather than backchannels to get on the psa list...
[18:24:52] <Mike Jones> At least one of the certificates in the pin set must appear in the cert chain
[18:25:05] <hallam> rbarnes, and they were put in over my objections
[18:25:38] <hallam> This would not be for client consumption. It would be for developer consumption
[18:25:39] <Mike Jones> Pinning doesn't enable not having a cert signed by a trusted CA
[18:26:09] Mark Nottingham leaves the room
[18:26:21] <Mike Jones> Can also set pin sets in a header
[18:26:35] <Mike Jones> Strict-Transport-Security header
[18:27:05] <Mike Jones> Risk: If an attacker is able to issue a pin first, it can block the domain
[18:27:38] <Mike Jones> HSTS a standard since 2012 - RFC 6797
[18:27:53] <Mike Jones> Support in Chrome, FF, Opera, Safari
[18:27:59] <Mike Jones> IE may be coming
[18:28:33] <Mike Jones> HPKP aka PKP web pinning still under development
[18:28:37] <Mike Jones> No browsers support this yet
[18:28:43] rbarnes leaves the room
[18:29:30] <Mike Jones> Chrome preloads now over 1200 domains
[18:30:15] <Mike Jones> Get loaded in Chrome at hstspreload.appspot.com
[18:31:21] <Mike Jones> HPKP is actually in Chrom and FF now
[18:31:28] <Mike Jones> Talk to Richard Barnes about preloads in FF
[18:32:14] <hallam> By using CAA I mean define a new tag
[18:32:17] rbarnes joins the room
[18:32:39] <hallam> You can't use the existing tags. It would have to be a hsts tag
[18:33:04] <rbarnes > hallam: s/tag/header/
[18:33:52] <Mike Jones> Dropbox, Twitter, Google pin sets are big
[18:33:55] <hallam> Attribute-value pairs, WEV
[18:34:02] <rbarnes > for firefox: https://blog.mozilla.org/security/2014/09/02/public-key-pinning/
[18:34:25] <Mike Jones> Most sites are pinning CAs rather than end entity certs
[18:34:47] Tony Hansen joins the room
[18:35:10] <rbarnes > current pinset in Firefox (sync'ed from the Google list, i think): https://dxr.mozilla.org/mozilla-central/source/security/manager/tools/PreloadedHPKPins.json
[18:35:16] Aaron Zauner leaves the room
[18:36:10] Wentao Shang joins the room
[18:36:22] Aaron Zauner joins the room
[18:36:28] <Mike Jones> At least one site has broken itself to date by having bad pin information
[18:36:38] wseltzer joins the room
[18:36:58] tlyu@mit.edu joins the room
[18:37:30] <Mike Jones> About 1% of top million sites set HSTS
[18:37:46] <Mike Jones> About 1/6 of HTTPS-only sites set HSTS
[18:37:50] <Mike Jones> Better numbers are in the paper
[18:38:43] <Mike Jones> Errors described inthe paper
[18:40:08] <Mike Jones> Mic: Jeff Hodges says ssl labs has reporting tools
[18:41:55] <Mike Jones> Pinning introduces a new kind of mixed content
[18:42:16] <Mike Jones> - https references from pinned content to unpinned content
[18:42:44] Xavier Marjou joins the room
[18:43:06] <Mike Jones> Richard Barnes asked about networks where HTTPS isn't supported
[18:43:16] <Mike Jones> Twitter had to have their own CDN for their pinned content
[18:43:33] <Mike Jones> Most sites end up loading some non-pinned content
[18:45:49] Jim Bieda leaves the room
[18:46:08] Franck Martin joins the room
[18:47:15] Erik Wahlstrom joins the room
[18:48:21] <Mike Jones> Phillip H-B is concerned about there being two different registries
[18:48:46] <Mike Jones> Talking about CA records in DNS records and harmony with DANE
[18:48:48] Joe Hall joins the room
[18:49:13] <Dan York 2> FYI, PHB is talking about CAA records
[18:50:33] wseltzer leaves the room
[18:51:59] <Dan York 2> +1 - this is excellent work
[18:52:05] <Dan York 2> (no need to relay)
[18:52:10] <Mike Jones> Jeff Hodges - a lead author on HSTS - thanked him for the survey paper
[18:53:19] <Mike Jones> Mic: There is cooperation among the browser vendors in sharing the pin sets
[18:54:16] Guan Ting joins the room
[18:54:25] <Mike Jones> Jeff: Browser developers and large RPs cooperated to develop the mechanism
[18:54:50] <Mike Jones> Jeff: The include subdomains feature generated tons of discussion
[18:54:56] rbarnes leaves the room
[18:55:12] <Joe Hall> I must confess I asked AGL a while ago to include cdt.org before we were setting HSTS (which we still don't do)… part of the problem for folks like us is we don't fully understand potential breakages since we're on the lower end of the bell curve in this crowd in terms of technical sophistication
[18:55:24] <Mike Jones> Mark Nottingham thanked for the presentation and the developer testing emphasis
[18:55:32] <Mike Jones> MNot concerned about low adoption rates
[18:56:01] rbarnes joins the room
[18:56:06] <Yoav Nir> Both of those can make your site bricked. It's a hard sell
[18:56:34] <Mike Jones> Adam Langley presentation begins
[18:56:47] <Mike Jones> SPDY -> QUIC -> HTTP2
[18:57:15] <Mike Jones> Google originally thought about replacing the whole stack, including TCP!
[18:57:44] <Mike Jones> QUIC replaces TCP and TLS
[18:58:05] <Mike Jones> Even in 2013, security was not optional
[18:58:32] ∮∮∮ leaves the room
[18:58:35] <Mike Jones> Used on an experimental basis between Chrom and Google services
[18:58:42] <Mike Jones> Will be QUIC Crypto - not TLS
[18:59:15] ∮∮∮ joins the room
[18:59:30] <Mike Jones> Server signs a config block containing DH parameters, ciphersuites, etc.
[18:59:54] <Mike Jones> 0 RTT is client knows the config block already
[18:59:56] Adam Montville leaves the room
[19:00:02] <Mike Jones> Only one handshake mode
[19:00:18] <Mike Jones> s/is client/if client/
[19:00:38] <Mike Jones> No resumption, curve 25519, no signatures
[19:00:59] <Mike Jones> TLS 1.3 looks a lot like QUIC Crypto - no accident
[19:01:16] <Mike Jones> TLS 1.3 has rejected offline signing
[19:01:45] <Mike Jones> They are worried about people with HSMs
[19:02:06] <Mike Jones> Want to be able to recover once the attack is detected
[19:02:23] <Mike Jones> Otherwise attacker could pre-sign and later use lots of things
[19:02:47] <Mike Jones> QUIC's anti-replay scheme didn't work - was caught recently in review
[19:03:10] Ryan Sleevi joins the room
[19:03:16] <Mike Jones> You may see QUIC showing up in the Transport Area
[19:03:36] m&m leaves the room: Disconnected: session closed
[19:03:41] Dan Wing joins the room
[19:03:42] <Mike Jones> QUIC a UDP-based protocol
[19:03:42] Dan Wing leaves the room
[19:04:21] <Mike Jones> QUIC provides in-order reliable transport for crypto messages
[19:04:25] m&m joins the room
[19:04:34] <Mike Jones> They are not looking to replace TLS
[19:04:54] <hallam> prefix statements to the mic with 'mic:'
[19:05:23] <Mike Jones> Mic: Ekr made a comment on TLS vs. DTLS
[19:05:23] Mark Treacy joins the room
[19:07:35] <Mike Jones> Mic: Someone was concerned about QUIC being used in browser but user being signalled that TLS is being used
[19:07:53] <Mike Jones> Adam replied that the QUIC security properties are as good as TLS
[19:09:19] <Mike Jones> Mic: MNot: Semantics of HTTPS not bound to TLS
[19:09:51] Ryan Sleevi leaves the room
[19:09:58] rbarnes awaits the arrival of NSEC13
[19:10:05] <Mike Jones> Authenticated Denial of Existence presentation begins
[19:10:07] <rbarnes > NSECN
[19:11:06] <Mike Jones> Server can send a record to prove names in a range don't exist
[19:11:43] <Joe Hall> (what I was going to say at the mic is that url bar indicia is one thing, but I'd hope that browsers report QUIC/funky TLS in some manner when you click on on the lock and it reports key exchange, cipher suites, etc.)
[19:11:55] <Mike Jones> NSEC5 makes enumeration impossible (a goal)
[19:11:59] <Joe Hall> (if not, I'd worry about deception issues… which is not an engineering thing)
[19:12:09] <rbarnes > can someone tell me why people are so concerned about zone enumeration?
[19:12:10] <Kathleen Moriarty> Joe, We'll have time during open mic
[19:12:12] <Jonathan Lennox> Is there a reason why NSEC versions have all been odd numbes?
[19:12:16] <Joe Hall> kk
[19:12:18] <Jonathan Lennox> *numbers?
[19:12:49] <Dan York 2> rbarnes : I don't know... but some people get very worked up about it
[19:13:18] <Dan York 2> Jonathan Lennox: so that they could interleave with IP numbers, maybe?
[19:13:24] <Mike Jones> (as an individual) knowing what's there makes it easier to decide to attack it
[19:13:53] <Samuel Weiler> jonathan: same reason the linux kernel has stable/unstable minor versions?
[19:13:54] <Dan York 2> mike jones: True...
[19:14:00] <Mike Jones> NSEC5 not intended to replace NSEC and NSEC3
[19:14:11] <Mike Jones> Defines new resource types
[19:14:28] bortzmeyer leaves the room: Replaced by new connection
[19:14:29] bortzmeyer joins the room
[19:15:05] <Samuel Weiler> we have had nsec2 and nsec4 proposals.
[19:15:19] Benno Overeinder joins the room
[19:15:39] Adam Montville joins the room
[19:16:01] <Mike Jones> Status: Some sections of the draft are incomplete
[19:16:17] <Mike Jones> No mechanism to distribute NSEC5 private keys
[19:16:28] yao.vct joins the room
[19:16:32] <Mike Jones> Asks "Is it in scope?"
[19:16:43] <rbarnes > the point is that preventing enumeration adds this huge amount of complexity to DNSSEC, so it seems like you would want there to be some appreciable benefit.
[19:18:01] <Mike Jones> (as an individual) - Richard, go to the microphone and ask why enumeration is a big deal
[19:18:11] <Joe Hall> pls
[19:18:15] Guan Ting leaves the room
[19:18:16] <Mike Jones> " cost-benefit wise
[19:18:45] yao.vct leaves the room
[19:19:20] <Mike Jones> Olafur - former chair - states that this is all unnecessary
[19:19:31] <Mike Jones> Message size is a much bigger deal
[19:19:52] Adam Montville leaves the room
[19:20:42] <rbarnes > NSEC7 proposal: sign a bloom filter populated with existing names.  boom, game over.
[19:20:54] <Samuel Weiler> and distribute it over bittorrent.
[19:21:00] <rbarnes > excellent idea
[19:21:06] m&m leaves the room: Disconnected: connection closed
[19:21:11] <rbarnes > magnet URI in the zone
[19:21:26] bortzmeyer leaves the room: Replaced by new connection
[19:21:27] bortzmeyer joins the room
[19:21:41] <Dan York 2> EKR at mic  ... we can tell that remotely! :-)
[19:22:11] <Mike Jones> Ekr points out that this whole problem goes away if we're not interested in denying the existence of domains
[19:22:12] <Dan York 2> "a little bit not standardized" ...
[19:22:34] <Jonathan Lennox> If you don't deny existence can't someone forge non-DNSSEC signed DNS records?
[19:22:53] <Mike Jones> Presentation by Ladar Levison begins
[19:23:00] <Mike Jones> from LavaBit
[19:23:20] Magnus Westerlund_5935 leaves the room
[19:23:35] Magnus Westerlund leaves the room: I'm happy Miranda IM user. Get it at http://miranda-im.org/.
[19:23:45] <Mike Jones> PRIME: Privacy Respecting Internet Mail Environment
[19:23:53] <Mike Jones> End-to-end encrypted mail
[19:23:59] <Sean Turner> wait he's not in the pink box ;)
[19:24:07] <Mike Jones> Proposal in development
[19:24:16] <Mike Jones> (individual) How should we punish him, Sean?
[19:25:04] <Mike Jones> Going through a list of encryption-enabled standards related to existing e-mail standards
[19:25:46] <Mike Jones> SMIME usable by people in this room but pretty much noone else
[19:25:57] <Mike Jones> Automate key management - make encryption transparent
[19:26:11] <Joe Hall> @sean he didn't wanna
[19:26:17] <Mike Jones> Enable ubiquitous encrypted e-mail to be a fact of life
[19:26:24] <Mike Jones> Will break some existing scenarios
[19:26:32] <rbarnes > http://memedad.com/meme/542213
[19:26:58] <Mike Jones> Sets of choices called account modes - giving a vocabulary to discuss tradeoffs
[19:26:59] <marco@nl> :-)
[19:27:04] <Shaun Cooley> The speakers look pretty nice
[19:27:31] <Mike Jones> Talking about the trust model and algorithmic choices today
[19:27:41] <Mike Jones> Also new things about message structure and possibly binary details
[19:27:59] <Mike Jones> Trust model - TOFU - Trust Organization on First Use
[19:27:59] wseltzer leaves the room
[19:28:08] <kaduk> TOFU, or TOOFU?
[19:28:18] <rbarnes > what is a signet?
[19:28:18] <∮∮∮> TOOFU, definitely.
[19:28:25] <Joe Hall> TOOFU for disambiguation
[19:28:35] <kaduk> a signet is like a certificate but not x.509
[19:28:35] <Dan York 2> Right... cause TOFU has been around for a while :-)
[19:28:43] <∮∮∮> Signet: think of the king's ring that marks the wax seal.
[19:28:55] <rbarnes > kaduk: oh good, another signed object format
[19:28:55] <Mike Jones> DNSSEC trust model is heirarchical
[19:29:13] <Dan York 2> Wrong on DNSSEC deployment...  depends which TLD you're looking at ;-)
[19:29:30] <rbarnes > Dan York 2: i'm looking at most of them :P
[19:29:54] <Dan York 2> :-)
[19:29:55] <Mike Jones> A global ledger is Ladar's proposed solution to the trust problem
[19:30:00] Xavier Marjou leaves the room
[19:30:07] Brad Hill leaves the room
[19:30:26] <Mike Jones> Man-in-the-middle attacks prevented
[19:30:33] <Mike Jones> Also supports PGP trust model
[19:30:56] <Mike Jones> Ekr asks for help understanding trust model
[19:31:12] <Dan York 2> rbarnes : I really need to get to the next layer of DNSSEC Deployment Maps that show second-level domain deployment... need to have a link I can send people to for moments like this. ;-)
[19:31:27] <Mike Jones> Mail client looks for DIME record
[19:31:33] <Mike Jones> Also gets signing key for org domain
[19:31:39] <Mike Jones> Goes to mail server for domain
[19:31:47] <Mike Jones> Asks for additional signed information there
[19:31:48] <rbarnes > drop a DIME on ya
[19:31:55] <Mike Jones> Called a signet
[19:32:04] <Mike Jones> Signature validations...
[19:32:18] Mark Treacy leaves the room
[19:32:21] <Mike Jones> Encrypts message to signet or checks signature on incoming message
[19:32:21] Tadanori TERUYA joins the room
[19:32:37] Adam Montville joins the room
[19:32:44] <Mike Jones> Signet is splittable into components
[19:32:45] Mark Treacy joins the room
[19:33:20] <Mike Jones> Crypto part, optional informational fields - can be split apart - carry separate sets of signatures
[19:33:40] <Mike Jones> Important so that if 1MB image in data, can be omitted
[19:33:58] <Dan York 2> While we're talking DNSSEC (here in the chat) ... nice news from Jari to IETF-announce: http://dnssec-debugger.verisignlabs.com/ietf.org    
[19:34:33] <Mike Jones> Log of those you're communicating with is separable for non-disclosure reasons
[19:34:53] <Mike Jones> Signet contains auto-config info
[19:35:04] first name joins the room
[19:35:19] <Mike Jones> Maybe also an onion address for TOR integration
[19:35:40] <Mike Jones> Optional fields can be used to attach a vcard to your Signet
[19:35:52] <Mike Jones> Security fist, user experience also important
[19:36:11] <Mike Jones> Format extensible
[19:36:30] <Mike Jones> Including advertizing p2p mechanisms, algorithms, etc.
[19:37:20] <Mike Jones> Real-time peer-to-peer communication between parties envisioned for those that support it
[19:37:34] Magnus Westerlund joins the room
[19:37:45] <Mike Jones> Port 25 with special TLS start command to get going
[19:37:46] ∮∮∮ leaves the room
[19:37:55] ∮∮∮ joins the room
[19:38:03] ∮∮∮ joins the room
[19:38:10] ∮∮∮ leaves the room
[19:38:42] <Mike Jones> Talking about curve choices beyond 25519
[19:39:01] <Mike Jones> Mic: Adam Langley - Why 25519 and the bitcoin curve?
[19:39:14] ∮∮∮ leaves the room
[19:39:31] <Mike Jones> Ladar wanted distinct curves for signing and encryption to prevent using the wrong key for the wrong thing
[19:40:15] Xavier Marjou joins the room
[19:40:16] <Mike Jones> Bitcoin curve lets every DIME address also be a Bitcoin payment address
[19:40:41] <Mike Jones> (back and forth about TLS algorithm choices)
[19:41:06] <Mike Jones> Mic: Sean Turner - Adoption call for chacha soon
[19:41:41] ∮∮∮ joins the room
[19:41:58] <Mike Jones> E-mail messages have lots of parts
[19:42:10] <Mike Jones> He encrypts the different parts with different keys
[19:42:25] <Samuel Weiler> can anyone make sense of this slide?
[19:42:53] <Mike Jones> Allowing constrained devices to access only parts of messages important
[19:43:01] <rbarnes > Samuel Weiler: i lost the thread on this thing long ago
[19:43:06] <Mike Jones> What he called "shallow validation"
[19:43:26] <Franck Martin> on a mobile, with IMAP, you can request only what you need to display, like from, to, subject and that's all
[19:44:01] m&m joins the room
[19:44:05] <Mike Jones> Adam Langley: Signatures provide integrity - not confidentiality
[19:44:13] Yoav Nir leaves the room
[19:44:29] <Mike Jones> Deterministic signature over same plaintext same in different messages
[19:45:07] <Franck Martin> then on mobile, you may not want to downlad attachments by default… therefore each part of the email must be encrypted separately
[19:45:21] <rbarnes > this presentation is a good lesson on the importance of incrementalism
[19:45:28] <Mike Jones> Stuff about combining hashes of parts - allowing separate validation of parts without downloading everything
[19:45:49] <Samuel Weiler> rbarnes: boiling email frogs?
[19:46:20] <Mike Jones> Bar BoF in Royal room tonight 7:30
[19:46:20] <Joe Hall> +1 rbarnes
[19:46:22] Wentao Shang leaves the room
[19:47:17] <rbarnes > Samuel Weiler: when you come and drop one big complexity bomb like this, it's hard to tell why you need all the pieces, how they all hang together, etc.  
[19:47:54] <Samuel Weiler> +1
[19:47:59] <Mike Jones> oe.libreswan.org
[19:48:24] <Mike Jones> Ekr from the front: Secure Conferencing
[19:48:37] <Mike Jones> (He's in the pink box :-) )
[19:48:42] <rbarnes > Mike Jones: the image at that link is going to give me nightmares
[19:49:02] <Mike Jones> Mesh conference calling one possibility
[19:49:27] <Mike Jones> Solution media conference unit - central pairwise keying
[19:49:32] <Mike Jones> MCU
[19:49:51] <kaduk> in the pink box, for now.
[19:49:59] <Mike Jones> MCU can read all teh data
[19:50:02] <Dan York 2> Meetecho - I'm not seeing the video
[19:50:25] <Meetecho> Dan York 2: the controllable webcam there froze
[19:50:30] <Mike Jones> Idea to fix that problem splitting conferencing solution splitting key management and media distribution
[19:50:30] <Meetecho> we're going to restore it
[19:51:11] <Mike Jones> Work going to RAI
[19:51:19] <Mike Jones> Expect chartering in ~6 months
[19:51:22] <Mike Jones> Want people's input
[19:51:35] <Mike Jones> Adam Langley: Does the key server have a key?
[19:51:44] <Mike Jones> Adam: This is a boot messaging protocol
[19:52:00] <Dan York 2> This *is* something good to work on.
[19:52:04] <Mike Jones> Adam: Work already done on this problem
[19:52:30] Adam Montville leaves the room
[19:52:35] Sean Turner leaves the room
[19:52:39] <Jim Fenton> such an pbvious problem to solve I'm surprised it hasnt been done long ago.
[19:52:40] <Mike Jones> Presentation ended: Baud rate varied between .9 and 1.3 ekr
[19:52:44] <C Peters> Reguarding Darkmail, if it works it could be years before it's deployed widely enough to be useful.  Why can't we have something simple like a TLSMX record which requires strict TLS CA certs or DANE and forward secrecy?
[19:52:53] wilma leaves the room: Disconnected: Replaced by new connection
[19:53:29] <Meetecho> video back
[19:53:40] ∮∮∮ leaves the room
[19:54:25] <Jim Fenton> C Peters: I think he's focused on more end-to-end security, not just transport
[19:54:33] Peter Koch leaves the room
[19:54:45] Joe Hall leaves the room
[19:54:52] <Dan York 2> C Peters - There are already a good number of email servers using DANE's TLSA records for server-to-server TLS for SMTP
[19:55:01] <C Peters> That's fine, but I want something I can deploy sooner!
[19:55:35] <Jim Fenton> different people are focused on different threat models.
[19:56:29] <Mike Jones> People are making comments on the effectiveness and efficacy of the browser lock icon, scheme, etc.
[19:57:10] Xavier Marjou leaves the room
[19:57:12] hallam leaves the room
[19:57:13] <Mike Jones> Meeting ends
[19:57:19] smemery leaves the room
[19:57:23] kaduk leaves the room
[19:57:25] Samuel Weiler leaves the room
[19:57:25] <Dan York 2> Mike - thanks for scribing
[19:57:25] Magnus Westerlund leaves the room: I'm happy Miranda IM user. Get it at http://miranda-im.org/.
[19:57:30] rbarnes leaves the room
[19:57:31] Dan York leaves the room
[19:57:33] Jonathan Lennox leaves the room
[19:57:35] satoru.kanno@jabber.org leaves the room
[19:57:36] <Jim Fenton> yes, thanks Mike
[19:58:09] Valery Smyslov leaves the room
[19:58:12] Shaun Cooley leaves the room
[19:58:13] Mike Baer leaves the room
[19:58:18] Jim Fenton leaves the room
[19:58:20] Mike Jones leaves the room
[19:58:24] tlyu@mit.edu leaves the room
[19:58:27] Kathleen Moriarty leaves the room
[19:58:40] first name leaves the room
[19:59:00] Dan Wing leaves the room
[19:59:04] Meetecho leaves the room
[19:59:27] marco@nl leaves the room
[19:59:29] Benno Overeinder leaves the room
[20:02:33] Franck Martin leaves the room
[20:05:50] bortzmeyer leaves the room: Replaced by new connection
[20:05:50] bortzmeyer joins the room
[20:08:13] C Peters leaves the room
[20:09:04] Tony Hansen leaves the room
[20:10:39] m&m leaves the room: Disconnected: connection closed
[20:12:02] Mike Jones joins the room
[20:12:03] dkg leaves the room
[20:12:09] Tadanori TERUYA leaves the room
[20:15:10] Sean Turner joins the room
[20:16:19] m&m joins the room
[20:16:20] m&m leaves the room
[20:21:09] Jonathan Lennox joins the room
[20:21:40] Jonathan Lennox leaves the room
[20:22:06] Dan Wing joins the room
[20:22:54] Dan York 2 leaves the room
[20:23:06] rbarnes joins the room
[20:23:46] rbarnes leaves the room
[20:23:47] rbarnes joins the room
[20:23:59] Sean Turner leaves the room
[20:24:00] Dan Wing leaves the room
[20:24:13] rbarnes leaves the room
[20:24:51] Adam Montville joins the room
[20:26:14] bortzmeyer leaves the room
[20:26:34] Joe Hall joins the room
[20:26:53] bortzmeyer joins the room
[20:27:15] Joe Hall leaves the room: Replaced by new connection
[20:27:17] Joe Hall joins the room
[20:27:44] Franck Martin joins the room
[20:28:44] Franck Martin joins the room
[20:28:51] satoru.kanno@jabber.org joins the room
[20:29:03] Franck Martin leaves the room
[20:29:15] Mike Jones leaves the room
[20:31:54] Tony Hansen joins the room
[20:35:07] marco@nl joins the room
[20:35:12] hallam joins the room
[20:37:16] Franck Martin joins the room
[20:37:33] Franck Martin leaves the room
[20:42:13] Joe Hall leaves the room
[20:42:19] Tadanori TERUYA joins the room
[20:46:37] bortzmeyer leaves the room: Replaced by new connection
[20:46:37] bortzmeyer joins the room
[20:48:18] bortzmeyer leaves the room: Replaced by new connection
[20:48:19] bortzmeyer joins the room
[20:51:55] satoru.kanno@jabber.org leaves the room
[20:52:14] marco@nl leaves the room
[20:53:02] Adam Montville leaves the room
[20:55:15] Tadanori TERUYA leaves the room
[21:00:15] hallam leaves the room
[21:01:39] Tony Hansen leaves the room
[21:14:29] Peter Koch joins the room
[21:14:37] Peter Koch leaves the room
[21:14:59] wseltzer joins the room
[21:16:35] wseltzer leaves the room
[21:37:58] bortzmeyer leaves the room
[21:47:46] Kathleen Moriarty joins the room
[21:58:37] bortzmeyer joins the room
[22:01:59] bortzmeyer leaves the room: Replaced by new connection
[22:02:01] bortzmeyer joins the room
[22:06:59] yao.vct joins the room
[22:14:07] ilari.liusvaara leaves the room: offline
[22:18:02] Kathleen Moriarty leaves the room
[22:20:45] Tadanori TERUYA joins the room
[22:24:57] Tadanori TERUYA leaves the room
[22:25:14] bortzmeyer leaves the room
[22:26:34] Franck Martin leaves the room
[22:39:28] bortzmeyer joins the room
[22:40:32] bortzmeyer leaves the room
[22:42:20] Tony Hansen joins the room
[22:45:29] Tony Hansen leaves the room
[22:50:25] Benno Overeinder joins the room
[22:52:26] Franck Martin joins the room
[22:53:35] Franck Martin leaves the room
[22:58:08] Benno Overeinder leaves the room
[23:47:59] yao.vct leaves the room