IETF Logo Mail Archive

Re: [Anima] Secdir last call review of draft-ietf-anima-bootstrapping-keyinfra-16

Ted Lemon <mellon@fugue.com> Tue, 02 October 2018 20:19 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B98F131141 for <anima@ietfa.amsl.com>; Tue, 2 Oct 2018 13:19:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sI1Vtp3HcntV for <anima@ietfa.amsl.com>; Tue, 2 Oct 2018 13:19:52 -0700 (PDT)
Received: from mail-yb1-xb2a.google.com (mail-yb1-xb2a.google.com [IPv6:2607:f8b0:4864:20::b2a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24DDB131110 for <anima@ietf.org>; Tue, 2 Oct 2018 13:19:52 -0700 (PDT)
Received: by mail-yb1-xb2a.google.com with SMTP id 184-v6so1385074ybg.1 for <anima@ietf.org>; Tue, 02 Oct 2018 13:19:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=gNcZI4A4jGUAgvXuXZcGiDSHOvkTK6za+K6iBmm8b6E=; b=AL+nQntQcPA+ozbZhm3251HeDrxN1qN851aj+gPC5ujeOFbxxcOOr+aAL4+U/XEm4o DWGlAT9bsCG67bCguzVRpbfrKhi9xgzwc6Uq/0T9GDxFwX9g4oXUWxCyOQtB3p9rSQYR aR8LK980MX6LxH5q51uJ3oNsldBt0OFEAmKM2f/mfw/dY9ifjNHUfJ6kHtlC5X+WqQ82 57XA80jlujtPSaHibIxyp5oDeBmHI3OWDlpVhfpAnINiXgVl3+6QSipUiwA6nlnNHd2k HDohRIyrqvMXnaci3bjbZXUXCX+nBra/TS0zeg8QOTcejJ6/UXJnC/fX1bnk8kJPL3PN MebA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=gNcZI4A4jGUAgvXuXZcGiDSHOvkTK6za+K6iBmm8b6E=; b=R1zF7Gy2Cr/E3ByR4MjYjj7f2BkjG6XqsjLQGU1f+KEiS92BTUK9RRL7s8vPgikS6M aC0RmJmtA3OxJ+/FHMKSlpU2idRhay7QzEQH76oKTroYSI5T6r2DEDkxJpGizc3EzVq4 CU1zyiXPcwEb8A8rK3hjOz3z+OSWyA2CFcGbnNpRG8aAc1iT5Jq76+j/HKaxPeeQbFul Y2BXtdDnIMJU2fYiIKPoHu/mHyOpGQFk+73qElwNSkbPn8UJ32eGZqHNft6yEP0F/TVf MRTLxqVedvOXV6WuiI1DEymnE16G7mcT0PXDyugmHX8nT3MDAntAT7d9goQ7PyYGXBMU zNVA==
X-Gm-Message-State: ABuFfojpSwfh0qz/mDMdkchYBkyd5/u+eJauB9HSdzVLaE3RVqSTowpY mwzTAlaviirDLUwkymn3mzBb0nLIkgLpiw==
X-Google-Smtp-Source: ACcGV63oB5/UJRSyB+dR4rjmstBY+c+rGQnWGjJx4lJvW2yLCd1Fi0/R3WeWfFvOCiByppLExS4r8Q==
X-Received: by 2002:a25:c4c4:: with SMTP id u187-v6mr9975599ybf.413.1538511591274; Tue, 02 Oct 2018 13:19:51 -0700 (PDT)
Received: from [10.0.100.12] (c-73-167-89-221.hsd1.nh.comcast.net. [73.167.89.221]) by smtp.gmail.com with ESMTPSA id h13-v6sm6371372ywc.100.2018.10.02.13.19.47 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 02 Oct 2018 13:19:48 -0700 (PDT)
From: Ted Lemon <mellon@fugue.com>
Message-Id: <8B8C96FF-69D2-4ED5-A961-068C975C6D4E@fugue.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_E2A689A8-8703-4BAD-B5E3-DEE8EC6CCA69"
Mime-Version: 1.0 (Mac OS X Mail 12.0 \(3445.100.39\))
Date: Tue, 02 Oct 2018 16:19:46 -0400
In-Reply-To: <35fdaa10-426d-d732-717d-37a25207250b@cisco.com>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, Christian Huitema <huitema@huitema.net>, Randy Bush <randy@psg.com>, Security Directorate <secdir@ietf.org>, anima@ietf.org, draft-ietf-anima-bootstrapping-keyinfra.all@ietf.org
To: Eliot Lear <lear@cisco.com>
References: <153826253306.18743.9250084704876465818@ietfa.amsl.com> <m2sh1qkebi.wl-randy@psg.com> <057bd957-06b4-824e-a7c8-214383819621@huitema.net> <m2murxi8ws.wl-randy@psg.com> <b4a32733-c2df-6bea-17d2-4d45ee4d5136@cisco.com> <m2wor0h9vu.wl-randy@psg.com> <1fd9c9d5-508f-901e-818c-3cc87725c331@cisco.com> <B9A85C1F-3299-4EB5-8716-05CC14CDC1F5@fugue.com> <3590.1538507134@localhost> <CAPt1N1mnps23VNjpjH41jiyOzs+N-fWLR3rJ33KZZsFuThDsMg@mail.gmail.com> <35fdaa10-426d-d732-717d-37a25207250b@cisco.com>
X-Mailer: Apple Mail (2.3445.100.39)
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/oV3xpsBRiXawoQd3hUse31VkvqM>
Subject: Re: [Anima] Secdir last call review of draft-ietf-anima-bootstrapping-keyinfra-16
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Oct 2018 20:19:54 -0000

On Oct 2, 2018, at 3:29 PM, Eliot Lear <lear@cisco.com> wrote:
> You really answered your own concern.  Nobody would put up with such an
> approach that either intentionally bricked* a perfectly functional
> device.

No one would put up with it if they anticipated it.   The problem is that they might not anticipate it.   It's the kind of risk that the end user might simply not imagine.

v2.23.0 | Report a Bug | By Email