Re: [Anima] Adam Roach's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)
Adam Roach <adam@nostrum.com> Thu, 11 July 2019 22:26 UTC
Return-Path: <adam@nostrum.com>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 64F851200DB; Thu, 11 Jul 2019 15:26:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.678
X-Spam-Level:
X-Spam-Status: No, score=-1.678 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, LOTS_OF_MONEY=0.001, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=nostrum.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uxLoFJZLgzVv; Thu, 11 Jul 2019 15:25:59 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B16681200B6; Thu, 11 Jul 2019 15:25:59 -0700 (PDT)
Received: from MacBook-Pro.roach.at (99-152-146-228.lightspeed.dllstx.sbcglobal.net [99.152.146.228]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id x6BMPnMD039956 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Thu, 11 Jul 2019 17:25:51 -0500 (CDT) (envelope-from adam@nostrum.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nostrum.com; s=default; t=1562883952; bh=ImZn46W1nUIddpLmNX0v7XMXxCzPJGMeIu5iVMTfT8A=; h=Subject:To:Cc:References:From:Date:In-Reply-To; b=ZIzXvVpxx9M1Pv35o3imfOOoOxOQSqieKTTHMtnY77PlmMl1d2M9hSiv7OJVZtzwz UdBn1m1oMUsGiGQdzLoF/xf6LEtwalvyMXYfS1bxgeqEPuET0mT6WNeg+afpTDT0NR bh46nu42INtqTXuDJesVWuen+5VBdJClmE0VMDcI=
X-Authentication-Warning: raven.nostrum.com: Host 99-152-146-228.lightspeed.dllstx.sbcglobal.net [99.152.146.228] claimed to be MacBook-Pro.roach.at
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: The IESG <iesg@ietf.org>, draft-ietf-anima-bootstrapping-keyinfra@ietf.org, Toerless Eckert <tte+ietf@cs.fau.de>, anima-chairs@ietf.org, anima@ietf.org
References: <156282703648.15280.17739830959261983790.idtracker@ietfa.amsl.com> <17580.1562874933@localhost>
From: Adam Roach <adam@nostrum.com>
Message-ID: <4679fba2-fdc9-e5ed-3474-12f4e26eca05@nostrum.com>
Date: Thu, 11 Jul 2019 17:25:44 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:60.0) Gecko/20100101 Thunderbird/60.7.2
MIME-Version: 1.0
In-Reply-To: <17580.1562874933@localhost>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/AWCkl2uGIdwHavDJxAo4NZyqLWU>
Subject: Re: [Anima] Adam Roach's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jul 2019 22:26:02 -0000
On 7/11/19 2:55 PM, Michael Richardson wrote: > EXECSUM: Please stop beating us up for having solved the problem that the WG > charter said we we should solve, and for having not solved a > problem that the WG charter said was out-of-scope. I apologize if the objection came off as harsh. My intention was to be clear, and that may have come off as more blunt as intended. I understand that there's a problem to be solved here, and I think there's a fairly simple solution that would satisfy the points I raise (at least, to the extent that the IETF can do so). > Adam Roach via Datatracker <noreply@ietf.org> wrote: > > In short, beyond the user-hostile effects of these two issues, I have > > ethical issues with the IETF publishing a protocol that promotes the > > unnecessary creation of e-waste; and, unless handled properly, that will > > be the inevitable result of the two factors I cite above. > > I really hate e-waste. More than many, I think. > > I have worked very hard in my spare time in years past on projects like > cyanogen (when it was a thing) to continue to support perfectly good phones > that were abandonned by their manufacturers. > > Much of the effort of supporting these phones has been because there is no > protocol for the manufacturers to pass on the real ownership keys to the > physical owner. BRSKI can do exactly this. > > *** but manufacturers have to want to do it *** I completely agree with everything you just said, and sincerely thank you for the work you've done in this area. I think where our perspectives might diverge is our beliefs about what *we*, the IETF, can do about it in this specific case. The IETF, as a matter of practice, includes normative statements in documents all the time regarding processes that conformant implementations "MUST" follow for the sake of security. In many cases, the protocol works just fine if implementors ignore these requirements, which means that implementation of them resolves to exactly one thing: manufacturers have to want to do it. We have no enforcement, and frequently no means to easily detect of violations of these normative statements. And yet we make them. And we give them normative force. And this allows customers, researchers, and even in some cases regulators to use those statements as a stick to try to get vendors to behave. The smallest change that would satisfy my concern would be a statement that says that devices conformant to this specification MUST contain a local means of bootstrapping that does not rely on any specific server being available. As with the security requirements we write into our specs, we'll have no means of enforcement. But as with the security requirements we write into our specs, we'll give interested parties just that little bit more leverage that might tip the scales towards the correct behavior. That's all I'm asking for. [snip] > So I totally understand and agree with your reluctance: if BRSKI gets into > residential IoT, in the fly-by-night vendors that ship crap and then shut > down, then I agree that it could be pretty user and environmentally hostile. > Do I think that will happen? No: the fly-by-night vendors can't keep > their telnetd debug ports closed, and they aren't going to implement BRSKI > until such time as it's just there without them knowing it, and they start > buying IoT system platforms from Intel/ARM/Microsoft/etc. I'm not worried about fly-by-night vendors. I'm worried about acquisition of extremely reputable medium-sized businesses by one of the several behemoth vendors who, as a matter of policy, give newly acquired business units exactly one year to show >$1MUSD net profit per engineering head or be shut down. /a
- [Anima] Adam Roach's Discuss on draft-ietf-anima-… Adam Roach via Datatracker
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Ted Hardie
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Eliot Lear
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Benjamin Kaduk
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Eliot Lear
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Eliot Lear
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Adam Roach
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Adam Roach
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Brian E Carpenter
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Eliot Lear
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Max Pritikin (pritikin)
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Adam Roach
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Joel M. Halpern
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Eliot Lear
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Adam Roach
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Adam Roach
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Brian E Carpenter
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Adam Roach
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Joel M. Halpern
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Brian E Carpenter
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Joel M. Halpern
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Eliot Lear
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Joel Halpern Direct
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Eliot Lear
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Joel M. Halpern
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Eliot Lear
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Barry Leiba
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Joel M. Halpern
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Brian E Carpenter
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Joel M. Halpern
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Adam Roach
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Adam Roach
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Toerless Eckert
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Eliot Lear
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Toerless Eckert
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Joel M. Halpern
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Michael Richardson
- Re: [Anima] Adam Roach's Discuss on draft-ietf-an… Eliot Lear