Re: [Add] [Ext] Updated charter proposal for ADD
Paul Hoffman <paul.hoffman@icann.org> Wed, 15 January 2020 16:18 UTC
Return-Path: <paul.hoffman@icann.org>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1D6A112085B for <add@ietfa.amsl.com>; Wed, 15 Jan 2020 08:18:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g_qSf6J8I_lN for <add@ietfa.amsl.com>; Wed, 15 Jan 2020 08:18:16 -0800 (PST)
Received: from ppa3.lax.icann.org (ppa3.lax.icann.org [192.0.33.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 02A2A120841 for <add@ietf.org>; Wed, 15 Jan 2020 08:18:15 -0800 (PST)
Received: from PFE112-CA-2.pexch112.icann.org (out.west.pexch112.icann.org [64.78.40.10]) by ppa3.lax.icann.org (8.16.0.27/8.16.0.27) with ESMTPS id 00FGIENO008264 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for <add@ietf.org>; Wed, 15 Jan 2020 16:18:14 GMT
Received: from PMBX112-W1-CA-1.pexch112.icann.org (64.78.40.21) by PMBX112-W1-CA-2.pexch112.icann.org (64.78.40.23) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 15 Jan 2020 08:18:12 -0800
Received: from PMBX112-W1-CA-1.pexch112.icann.org ([64.78.40.21]) by PMBX112-W1-CA-1.PEXCH112.ICANN.ORG ([64.78.40.21]) with mapi id 15.00.1497.000; Wed, 15 Jan 2020 08:18:12 -0800
From: Paul Hoffman <paul.hoffman@icann.org>
To: ADD Mailing list <add@ietf.org>
Thread-Topic: [Add] [Ext] Updated charter proposal for ADD
Thread-Index: AQHVy7sS3dTn6q33TECqcNmmmuiki6fsbWiA
Date: Wed, 15 Jan 2020 16:18:11 +0000
Message-ID: <A78BD5D2-A95E-43BA-A70E-46040C691AC0@icann.org>
References: <236B0A34-8C7F-49D2-8075-5AF5AC35BDFB@apple.com> <AD6E599F-96E8-44FC-8A05-8BFD2F659129@icann.org> <66C24EE6-5C7B-4788-AE26-06B900915010@fugue.com>
In-Reply-To: <66C24EE6-5C7B-4788-AE26-06B900915010@fugue.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [192.0.32.234]
x-source-routing-agent: Processed
Content-Type: multipart/signed; boundary="Apple-Mail=_6B996BF8-B8BE-4042-BB68-1CCE52572853"; protocol="application/pkcs7-signature"; micalg="sha-256"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2020-01-15_02:, , signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/kaZzc7rCqha7OuPMDYVp0jYn5a4>
Subject: Re: [Add] [Ext] Updated charter proposal for ADD
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jan 2020 16:18:21 -0000
On Jan 15, 2020, at 7:46 AM, Ted Lemon <mellon@fugue.com> wrote: > > On Jan 15, 2020, at 10:13 AM, Paul Hoffman <paul.hoffman@icann.org> wrote: >> Any mechanisms that specify interactions between clients and >> servers must provide the security properties expected of IETF >> protocols, e.g., confidentiality protection, integrity protection, >> and authentication with strong work factor. >> >> Any mechanism whose understanding of the network and network services comes from interactions that were not cryptographically authenticated (such as DHCP and RA) cannot meet those requirements. > > Rather than just deleting this text, which I agree is probably not what we want, how about fixing it? Because I don't think we can get consensus on the fixed wording *for the charter*. I would prefer to have the consensus discussions for the documents themselves. > Any specification must include a clear and thorough discussion of the privacy and security implications of using the method or methods it describes. Methods where a mechanism that cannot be cryptographically validated for integrity or which do not provide a cryptographically validatable trust establishment mechanism will clearly describe the use case(s) in which such an override is thought to be needed, should have a clear applicability statement limiting the scope of the specification to those use case(s), and should clearly describe the risks and benefits of such a choice. The first sentence is well-intentioned but does not usually lead to useful text in documents. The second sentence assumes that there are methods that can be cryptographically validated: as I said above, I do not believe they exist. > The first sentence is unnecessary since this is what is expected in the IETF anyway, Fully agree. > but it sets the stage for the sentences that follow. ...and thus is unnecessary. > The point of this is not to prevent the WG specifying methods that can’t be cryptographically validated for integrity and/or trust, but rather to make it clear that such a specification would not be in charter if it didn’t meet the stated requirements. Again, we disagree here because I (and others) don't agree that such methods exist. --Paul Hoffman
- [Add] Updated charter proposal for ADD Tommy Pauly
- Re: [Add] Updated charter proposal for ADD Neil Cook
- Re: [Add] Updated charter proposal for ADD Paul Adair
- Re: [Add] Updated charter proposal for ADD Diego R. Lopez
- Re: [Add] [Ext] Updated charter proposal for ADD Paul Hoffman
- Re: [Add] Updated charter proposal for ADD Livingood, Jason
- Re: [Add] [Ext] Updated charter proposal for ADD Robert Mortimer
- Re: [Add] Updated charter proposal for ADD Andrew Campling
- Re: [Add] [Ext] Updated charter proposal for ADD Ted Lemon
- Re: [Add] [Ext] Updated charter proposal for ADD Dave Lawrence
- Re: [Add] Updated charter proposal for ADD Jari Arkko
- Re: [Add] [Ext] Updated charter proposal for ADD Paul Hoffman
- Re: [Add] [Ext] Updated charter proposal for ADD Ted Lemon
- Re: [Add] [Ext] Updated charter proposal for ADD Ted Lemon
- Re: [Add] [Ext] Updated charter proposal for ADD Alissa Cooper
- Re: [Add] [Ext] Updated charter proposal for ADD Paul Hoffman
- Re: [Add] [Ext] Updated charter proposal for ADD Rob Sayre
- Re: [Add] [Ext] Updated charter proposal for ADD Andrew Campling
- Re: [Add] [Ext] Updated charter proposal for ADD Barry Leiba
- Re: [Add] Updated charter proposal for ADD chris.box
- Re: [Add] [Ext] Updated charter proposal for ADD Rob Sayre
- Re: [Add] [Ext] Updated charter proposal for ADD Brian Dickson
- Re: [Add] [Ext] Updated charter proposal for ADD STARK, BARBARA H
- Re: [Add] [Ext] Updated charter proposal for ADD Ted Lemon
- Re: [Add] [Ext] Updated charter proposal for ADD Brian Dickson
- Re: [Add] [Ext] Updated charter proposal for ADD Stephen Farrell
- Re: [Add] [Ext] Updated charter proposal for ADD Ted Lemon
- Re: [Add] [Ext] Updated charter proposal for ADD Ted Lemon
- Re: [Add] [Ext] Updated charter proposal for ADD Rob Sayre
- Re: [Add] [Ext] Updated charter proposal for ADD Ted Lemon
- Re: [Add] [Ext] Updated charter proposal for ADD Deen, Glenn (NBCUniversal)
- Re: [Add] [Ext] Updated charter proposal for ADD Rob Sayre
- Re: [Add] [Ext] Updated charter proposal for ADD Martin Thomson
- Re: [Add] [Ext] Updated charter proposal for ADD Ted Lemon
- Re: [Add] [Ext] Updated charter proposal for ADD Brian Dickson
- Re: [Add] [Ext] Updated charter proposal for ADD Ted Lemon
- Re: [Add] [Ext] Updated charter proposal for ADD Rob Sayre
- Re: [Add] Updated charter proposal for ADD nigel.tedeschi
- Re: [Add] Updated charter proposal for ADD Smith, Kevin, Vodafone Group
- Re: [Add] [Ext] Updated charter proposal for ADD Andrew Campling
- Re: [Add] [Ext] Updated charter proposal for ADD Ted Lemon
- Re: [Add] Updated charter proposal for ADD Vittorio Bertola
- Re: [Add] [Ext] Updated charter proposal for ADD Patrick McManus
- Re: [Add] [Ext] Updated charter proposal for ADD Paul Hoffman
- Re: [Add] [Ext] Updated charter proposal for ADD Patrick McManus
- Re: [Add] [Ext] Updated charter proposal for ADD Brian Dickson
- Re: [Add] [Ext] Updated charter proposal for ADD Rob Sayre
- [Add] Food for thought? Mohit Sethi M
- Re: [Add] Food for thought? Mohit Sethi M
- Re: [Add] Food for thought? Ted Lemon
- Re: [Add] Food for thought? tirumal reddy
- Re: [Add] Food for thought? Ted Lemon