Re: [cnit] CNIT Charter bashing..

Richard Shockey <richard@shockey.us> Thu, 28 May 2015 18:15 UTC

Date: Thu, 28 May 2015 13:55:33 -0400
From: Richard Shockey <richard@shockey.us>
To: Eric Burger <eburger@standardstrack.com>, cnit@ietf.org
Message-ID: <D18CCD06.25EF7%richard@shockey.us>
Thread-Topic: [cnit] CNIT Charter bashing..
References: <D13EDE15.22E45%richard@shockey.us> <CAHBDyN7KX9dPTHiuWGk-yqqkDt+LYqnDwY_pBWpnLdJFCMvPeg@mail.gmail.com> <CAHBDyN5KZpiA4bU_gvcB+Wk0Bv9AS0+bvU9OsCS3OpMDbUGchA@mail.gmail.com> <D1890314.25B94%richard@shockey.us> <D52BE1C0-20EA-40A0-A0CC-28197574E0BB@standardstrack.com>
In-Reply-To: <D52BE1C0-20EA-40A0-A0CC-28197574E0BB@standardstrack.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cnit/MX_BfuHtZmS-Xr1wi7gmeppFW7s>
Subject: Re: [cnit] CNIT Charter bashing..

A fair argument but I don't want to spend 5 years waiting for a series of
normative dependencies on the trust model before actually understanding what
headers can/should be used here.


It's much too difficult to get things done in the IETF as it is. I'd much
prefer building from success starting with the definition of the data object,
then folding that into a trust model, and frankly, given what we have
seen in STIR, I'm not sure your argument holds up. Again, the MARTINI model.

Didn't you recently say something about "perfection is the enemy of the
good" :-)



From:  Eric Burger <eburger@standardstrack.com>
Date:  Wednesday, May 27, 2015 at 10:11 PM
To:  <cnit@ietf.org>
Subject:  Re: [cnit] CNIT Charter bashing..

On May 25, 2015, at 5:31 PM, Richard Shockey <richard@shockey.us> wrote:
> 
> From:  Mary Barnes <mary.ietf.barnes@gmail.com>
> Date:  Friday, May 22, 2015 at 12:58 PM
> Attached is what I have at this point. Really, the only thing I'm struggling
> with is the milestones as I don't think we can request publication of the data
> object and headers without having defined the trust model.
> 
> 
> RS> Mary, I'm not sure about that statement. I can certainly anticipate several
> deployment models where the trust mechanism (aka signing) does not need to be
> formally integrated in the solution, especially those where the exchange of
> data is more bi-lateral and the trust mechanism is at lower layers of the
> stack than the signaling. My initial concern is what is the header and what
> is the data object(s) carried in the header. How the CNIT data is created
> should not be our concern.

I do not buy it. If there are private agreements between service providers,
they have private agreements. They can do whatever they want.

Last I looked, this is the Internet Engineering Task Force. Assume untrusted
transport across the wide open Internet, and trust no endpoint that cannot
cryptographically prove who they are. If it happens two service providers
exchange CNIT data over a single, yellow cable, then it is a benefit that no
state-sponsored security service can listen in on the cable.

I do not want to take three years to build a protocol and two more years
after that for products to be available just to have a system that only
works in walled gardens. I do not want to be the person that has to explain
to the media why Calling Name Delivery is just as broken as it always was
and it will be another five years before the world sees a real solution.

Let us get this right the first time.
[snip]
_______________________________________________ cnit mailing list
cnit@ietf.org https://www.ietf.org/mailman/listinfo/cnit