Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-11 Thread Peter Gutmann
David Fifield writes: >Peter is surely referring to the influential "The Parrot is Dead" paper from >2013 Yep, that was it, thanks (at least one person catalogues their reading by the looks of it :-). Thanks for the ref to the followup, can't remember seeing that, but doesn't that just reinforc

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-11 Thread Rob Sayre
On Tue, Aug 11, 2020 at 11:09 PM Peter Gutmann wrote: > Rob Sayre writes: > > >I'm confused. That seems to be a bunch of boilerplate surrounding a Salon > >article from 2015: > > I just took the first Google result that seems to cover the material... > OK. > >It also contains references to su

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-11 Thread Peter Gutmann
Rob Sayre writes: >I'm confused. That seems to be a bunch of boilerplate surrounding a Salon >article from 2015: I just took the first Google result that seems to cover the material... >It also contains references to supplementary material, like whether >Intelligent Design can be linked to info

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-11 Thread Rob Sayre
On Tue, Aug 11, 2020 at 3:42 PM David Fifield wrote: > With that said about website fingerprinting, on the topic of inference > using packet sizes, timing, and other metadata, I have been impressed > with this series of articles on inference against TLS and HTTPS, which I > think avoid common mis

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-11 Thread David Fifield
On Tue, Aug 11, 2020 at 01:38:50AM -0700, Rob Sayre wrote: > On Tue, Aug 11, 2020 at 12:14 AM Peter Gutmann > > There was a paper that looked at traffic morphing published a year > or two ago that came to the same conclusion, to look like you're Skype or > a > SIP VoIP call you need t

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-11 Thread Nick Sullivan
It's important to note that the Firefox Nightly client does not implement GREASE of any form, so only the connections to sites that are known to support the ESNI could be blocked by this method. These connections stick out like a sore thumb among connections from this browser since ESNI is supporte

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-11 Thread David Fifield
On Tue, Aug 11, 2020 at 12:08:11AM -0700, Christian Huitema wrote: > There is also the question of what the anonymity set is. I just did a little > experiment of resolving 25000 domain names and looking at how many resolved to > the same IP address (https://huitema.wordpress.com/2020/08/09/ > can-i

Re: [TLS] Fwd: [tlswg/draft-ietf-tls-esni] Fix superfluous padding edge cases. (#258)

2020-08-11 Thread Stephen Farrell
On 11/08/2020 21:44, Eric Rescorla wrote: > On Tue, Aug 11, 2020 at 1:24 PM Stephen Farrell > wrote: > >> On 11/08/2020 20:37, Eric Rescorla wrote: >>> I note that draft-ietf-git-github explicitly permits discussion on the >>> issues, >> >> Well, sure. I know that some people like that, and >>

Re: [TLS] Fwd: [tlswg/draft-ietf-tls-esni] Fix superfluous padding edge cases. (#258)

2020-08-11 Thread Eric Rescorla
On Tue, Aug 11, 2020 at 1:24 PM Stephen Farrell wrote: > On 11/08/2020 20:37, Eric Rescorla wrote: > > I note that draft-ietf-git-github explicitly permits discussion on the > > issues, > > Well, sure. I know that some people like that, and > it does have benefits. But also downsides that I'm > s

Re: [TLS] Request for TLS Key Material Exporter Label for OpenVPN

2020-08-11 Thread Salz, Rich
The requirement is "specification required," and the GitHub repo, with extensive doxygen comments, seems to meet the requirement, at least for me. I would be concerned about that URL going away, I suppose. Yes, an exporter with a fixed prefix, like "EXPORTER-OpenVPN-" will avoid collisions. Ho

Re: [TLS] Fwd: [tlswg/draft-ietf-tls-esni] Fix superfluous padding edge cases. (#258)

2020-08-11 Thread Stephen Farrell
Hi, On 11/08/2020 20:33, Christopher Patton wrote: > This is probably my fault, I apologize. No need! It looks like a lot of the editorial/lint stuff wouldn't need to be brought to the list but that one looked like it might. And since Chris says they're gonna mail the list anyway, that'll be fin

Re: [TLS] Fwd: [tlswg/draft-ietf-tls-esni] Fix superfluous padding edge cases. (#258)

2020-08-11 Thread Christopher Wood
On Tue, Aug 11, 2020, at 12:10 PM, Stephen Farrell wrote: > > I count 32 messages like this, relating to the ESNI draft, > as github discussion, in the last 24 hours. > > Some of those do not need to be reflected to the TLS WG > list, but I suspect others do, and before discussion > resolves into

Re: [TLS] Fwd: [tlswg/draft-ietf-tls-esni] Fix superfluous padding edge cases. (#258)

2020-08-11 Thread Eric Rescorla
On Tue, Aug 11, 2020 at 12:10 PM Stephen Farrell wrote: > > I count 32 messages like this, relating to the ESNI draft, > as github discussion, in the last 24 hours. > > Some of those do not need to be reflected to the TLS WG > list, but I suspect others do, and before discussion > resolves into a

Re: [TLS] Fwd: [tlswg/draft-ietf-tls-esni] Fix superfluous padding edge cases. (#258)

2020-08-11 Thread Christopher Patton
Hi all, Am I alone in being concerned that the efficiency of github > for some is leading to others with different workflows > being left out of discussion? > This is probably my fault, I apologize. I've been working with Chris Wood on editorial changes to the draft. These are intende

Re: [TLS] Fwd: [tlswg/draft-ietf-tls-esni] Fix superfluous padding edge cases. (#258)

2020-08-11 Thread Salz, Rich
> Am I alone in being concerned that the efficiency of github for some is leading to others with different workflows being left out of discussion? You are not alone. :)

[TLS] Fwd: [tlswg/draft-ietf-tls-esni] Fix superfluous padding edge cases. (#258)

2020-08-11 Thread Stephen Farrell
I count 32 messages like this, relating to the ESNI draft, as github discussion, in the last 24 hours. Some of those do not need to be reflected to the TLS WG list, but I suspect others do, and before discussion resolves into an unchangeable outcome on github. Note: when I say "suspect" I don't

Re: [TLS] Draft minutes for TLS at IETF 108

2020-08-11 Thread Benjamin Kaduk
On Wed, Aug 05, 2020 at 10:30:39AM +0000, tom petch wrote: > From: TLS on behalf of Christopher Wood > > Sent: 04 August 2020 19:16 > > The official minutes are now up: > > > https://urldefense.proofpoint.com/v2/url?u=https-3A__datatracker.ietf.org_doc_minutes-2D108-2Dtls_&d=DwICAg&c=96ZbZ

[TLS] TLS 1.3 Document Update

2020-08-11 Thread Eric Rescorla
Hi folks, I've just posted draft-rescorla-tls-rfc8446-bis-00. This document does two things: 1. It rolls up all the various errata that have been filed for RFC 8446. Some of these have created some reader confusion and so hopefully this will help. 2. It renames the "master" secrets to "ma

[TLS] Request for TLS Key Material Exporter Label for OpenVPN

2020-08-11 Thread Arne Schwabe
Hey, I would like to request a label for OpenVPN to use with the RFC5705 Keying Material Exporters to generate keying material for its data channel encryption. I hope this is the right place to discuss this topic. The requirements of requesting a label seem to be to have specification for the proto

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-11 Thread Rob Sayre
On Tue, Aug 11, 2020 at 12:14 AM Peter Gutmann wrote: > > As Yuri Totrov, a.k.a the shadow director of personnel at the CIA, showed: > > https://mindmatters.ai/2018/11/how-the-kgb-found-cia-agents/ > > the only way to hide A as B is if you become B. Which means you can't be A > any more. I'm c

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-11 Thread Peter Gutmann
Christian Huitema writes: >Defeating fingerprinting is really hard. It has been tried in the past, as in >"make me look like Skype" or "make me look like wikipedia". The idea is to >build a target model, then inject enough noise and padding in your traffic to >match the target model. But that wa

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-11 Thread Christian Huitema
On 8/10/2020 11:49 PM, Christian Huitema wrote: > On 8/10/2020 11:14 PM, Rob Sayre wrote: >> On Mon, Aug 10, 2020 at 10:58 PM Peter Gutmann >> mailto:pgut...@cs.auckland.ac.nz>> wrote: >> >> Rob Sayre mailto:say...@gmail.com>> writes: >> >> >Do you think this fingerprinting will work with

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-11 Thread Rob Sayre
On Mon, Aug 10, 2020 at 11:49 PM Christian Huitema wrote: > Defeating fingerprinting is really hard. It has been tried in the past, as > in "make me look like Skype" or "make me look like wikipedia". The idea is > to build a target model, then inject enough noise and padding in your > traffic to