Re: [Add] Not a good BoF meeting

Paul Wouters <paul@nohats.ca> Wed, 24 July 2019 20:50 UTC

From: Paul Wouters <paul@nohats.ca>
In-Reply-To: <5009606a-4fcb-92c7-85c6-208d359147c8@nic.cz>
Date: Wed, 24 Jul 2019 16:50:06 -0400
Cc: add@ietf.org, Thomas Peterson <nosretep.samoht@gmail.com>
Message-Id: <590021BB-6BA8-4CDB-8537-6335498C63E2@nohats.ca>
References: <20190724165643.GA29051@laperouse.bortzmeyer.org> <2457067b-49fe-c2cf-d554-95f524573eea@gmail.com> <5009606a-4fcb-92c7-85c6-208d359147c8@nic.cz>
To: Vladimír Čunát <vladimir.cunat+ietf@nic.cz>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/JTc8AKY0AgDfFiZ17_kiieCt5Rw>
Subject: Re: [Add] Not a good BoF meeting


Sent from mobile device

> On Jul 24, 2019, at 16:22, Vladimír Čunát <vladimir.cunat+ietf@nic.cz> wrote:
> 
> I'm fairly sure this has been mentioned a few times, but let me repeat
> it: if you don't (fully) trust the network, how can you bootstrap your
> trust? (e.g. over insecure DHCP)  You may get some certificate name or
> key pin, but if you can't first "secure" the channel over which you
> obtain those, I don't think you get much more real security.

The preconfigured dnssec root key.


> I agree that the ADD "group" is still struggling with finding a
> "charter", basically, and I'm afraid I can't see much forward progress
> (e.g. since the previous IETF) or satisfaction of a larger fraction of
> the participants so far.

The discussions on the list and in the group only showed the problem is touching so many issues that it’s hard to contain.

I’m not sure I see a useful future for “ADD”, but it was a terrible name to start so letting it die isn’t the worst.

Paul