GUADEC: Danny O'Brien on privacy, encryption, and the desktop
Posted Aug 4, 2010 17:16 UTC (Wed) by gmaxwell
In reply to: GUADEC: Danny O'Brien on privacy, encryption, and the desktop
Parent article: GUADEC: Danny O'Brien on privacy, encryption, and the desktop
Due to the pervasiveness of NAT (as you mention) and layer-4 firewalling, opportunistic user-to-user IPSEC isn't just a dream, it's pure fantasy. It also has fairly high per-packet overhead, while connection-oriented security protocols like TLS have very little overhead past the initial setup.
Even on the IPv6 internet it isn't there and doesn't appear to be forthcoming. Hell, path MTU discovery is absolutely mandatory with IPv6 because routers can't fragment, and yet many sites which should know better (e.g. ISC) have been blocking needs-fragment packets. IPSEC doesn't even have a chance.
I support the notion of host-to-host IPSEC, but we live in the real world and need to deal with real issues, and today IPSEC is a non-solution. And because it wasn't made mandatory with IPv6 it will likely always be vulnerable to downgrading attacks: simply block IPSEC and it will be disabled (either automatically and without the user's knowledge, or manually), and you can even plausibly claim an honest misconfiguration caused the blocking.
Proposing that we solve this by using IPSEC is like proposing we boil the oceans. Effectively there is no party in control of IP, just a loose collective of voices at the IETF, and getting principled ethical action out of a consortium of many interests approaches impossible as the number of participants increases. Especially when some of those voices are, in fact, very interested in preserving an environment where surveillance is easy and cheap.
But for applications there are single people and small groups with the power to make the right choices. They ought to stand up and make them, rather than waiting for the IP folks to solve it for them.
Even in a future world where IPSEC is viable, application-level security still provides value, because IPSEC's location in the network stack precludes it from providing the same security properties. You mention authentication, which is a big one, but there are additional properties like OTR's anti-non-repudiation, which requires specialized interaction between authentication and crypto. Or many other cases where transport security isn't enough, like email, where the material should be stored in a secure form... so effort spent securing our applications will not be wasted.
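The downgrade the comment describes (block the IPsec setup traffic and an opportunistic policy quietly falls back to plaintext, with the blocking indistinguishable from a misconfiguration) can be made concrete with a small simulation. The following is an added example, not code from the comment or from any IPsec implementation; the `Path`, `Host` and `Policy` names and the network model are constructed for it. It contrasts three host policies: silent fallback, a pinned variant that remembers peers with which IPsec previously succeeded and refuses (and alerts) when that later fails, and a fail-closed policy.

```python
"""Constructed simulation of the opportunistic-IPsec downgrade problem.

A middlebox that drops IKE (UDP/500) or ESP (IP protocol 50) makes IPsec
setup fail.  What happens next depends entirely on the host's policy:
silent fallback hands the attacker plaintext; remembering which peers used
to negotiate IPsec turns the fallback into a detectable event; requiring
IPsec fails closed.  Everything here (names, path model) is an assumption
made for the example, not any real stack's behaviour.
"""
from dataclasses import dataclass, field
from enum import Enum


class Policy(Enum):
    """How a host reacts when IPsec negotiation with a peer fails."""
    OPPORTUNISTIC = "opportunistic"   # fall back to plaintext, silently
    PINNED = "pinned"                 # fall back only if this peer never did IPsec before
    REQUIRE = "require"               # fail closed: never send plaintext


@dataclass
class Path:
    """Constructed model of the network path: a set of traffic classes the
    path drops, e.g. {"udp/500"} to block IKE or {"ip/50"} to block ESP.
    From the endpoint's point of view this looks exactly like an honest
    firewall misconfiguration."""
    blocked: set = field(default_factory=set)

    def passes(self, traffic: str) -> bool:
        return traffic not in self.blocked


@dataclass
class Host:
    policy: Policy
    # peer name -> True once IPsec has ever succeeded with that peer
    seen_encrypted: dict = field(default_factory=dict)
    alerts: list = field(default_factory=list)

    def connect(self, peer: str, path: Path) -> str:
        """Return the transport the connection ends up on:
        'ipsec', 'plaintext' or 'refused'."""
        # Key exchange (IKE) rides on UDP/500; data then flows as ESP (IP proto 50).
        if path.passes("udp/500") and path.passes("ip/50"):
            self.seen_encrypted[peer] = True
            return "ipsec"

        if self.policy is Policy.REQUIRE:
            return "refused"

        if self.policy is Policy.PINNED and self.seen_encrypted.get(peer):
            # This peer negotiated IPsec before; losing it now is a downgrade,
            # not a first contact, so refuse and surface it for detection.
            self.alerts.append(
                f"downgrade: {peer} previously negotiated IPsec, now cannot")
            return "refused"

        # OPPORTUNISTIC, or PINNED on first contact: silent fallback to plaintext.
        return "plaintext"


def run_scenario(policy: Policy) -> list:
    """Connect to one peer twice: first over a clean path, then after the
    path starts dropping IKE.  Returns [first outcome, second outcome, alerts]."""
    host = Host(policy)
    clean = Path()
    filtered = Path(blocked={"udp/500"})   # constructed: IKE blocked mid-way
    first = host.connect("peer.example", clean)
    second = host.connect("peer.example", filtered)
    return [first, second, list(host.alerts)]


if __name__ == "__main__":
    for p in Policy:
        print(p.value, run_scenario(p))
```

Running it shows the three outcomes side by side: the opportunistic host goes `ipsec` then `plaintext` with nothing logged, the pinned host goes `ipsec` then `refused` with a downgrade alert, and the require host goes `ipsec` then `refused`. The pinned policy only helps after a first successful contact, which is the same trust-on-first-use limitation that applies to any remembered-state scheme.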