IETF Logo Mail Archive

[Curdle] Adoption of rc4-die-die-die document

"Salz, Rich" <rsalz@akamai.com> Wed, 16 August 2017 19:48 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1DE11132143 for <curdle@ietfa.amsl.com>; Wed, 16 Aug 2017 12:48:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N56v3QpQj33p for <curdle@ietfa.amsl.com>; Wed, 16 Aug 2017 12:48:32 -0700 (PDT)
Received: from mx0a-00190b01.pphosted.com (mx0a-00190b01.pphosted.com [IPv6:2620:100:9001:583::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 957801326D5 for <curdle@ietf.org>; Wed, 16 Aug 2017 12:48:32 -0700 (PDT)
Received: from pps.filterd (m0050093.ppops.net [127.0.0.1]) by m0050093.ppops.net-00190b01. (8.16.0.21/8.16.0.21) with SMTP id v7GJlslv017088 for <curdle@ietf.org>; Wed, 16 Aug 2017 20:48:31 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : subject : date : message-id : content-type : mime-version; s=jan2016.eng; bh=/HszshDcL5UkPOYpQxYI/fO9eaJt1dcpbcXXwy2dq0k=; b=NzFZHwtiisu8ELdHzmV4Es/tEVqxP+Nq8hMYWsW+7mQzg8KtAJDXH1XgY5cOCndISfYf Q7qmBHWO2Du3/5AgqZPVYz2Mh/Hevfp/dCI3A9OBLCup5fVGmmNMQSklNHzsgF9lJx84 /WSsg0dUhyd6KueOjTsFK1Zl97ZsCcEHs0MrU97JWSibM490uSEpi3Dm80wHy4hdyuU+ scCwpVjXX+ZlOxzXIQOsCPuqjsgei2P/83v/yBVD7sSNaMB/V/PwQSTirT2xV6VvQO1/ gmZwc/gs7TMde2TQQe4kiYrxGqnHCujzRRB14efqAfuWiuwSszHe/6lugkpvjLzHjhWL 9A==
Received: from prod-mail-ppoint1 (prod-mail-ppoint1.akamai.com [184.51.33.18]) by m0050093.ppops.net-00190b01. with ESMTP id 2cc6dv3vb7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <curdle@ietf.org>; Wed, 16 Aug 2017 20:48:31 +0100
Received: from pps.filterd (prod-mail-ppoint1.akamai.com [127.0.0.1]) by prod-mail-ppoint1.akamai.com (8.16.0.17/8.16.0.17) with SMTP id v7GJk3Xx015147 for <curdle@ietf.org>; Wed, 16 Aug 2017 15:48:29 -0400
Received: from email.msg.corp.akamai.com ([172.27.123.32]) by prod-mail-ppoint1.akamai.com with ESMTP id 2cc6cvc7yy-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for <curdle@ietf.org>; Wed, 16 Aug 2017 15:48:29 -0400
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com (172.27.123.101) by usma1ex-dag1mb2.msg.corp.akamai.com (172.27.123.102) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Wed, 16 Aug 2017 15:48:28 -0400
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com ([172.27.123.101]) by usma1ex-dag1mb1.msg.corp.akamai.com ([172.27.123.101]) with mapi id 15.00.1263.000; Wed, 16 Aug 2017 15:48:28 -0400
From: "Salz, Rich" <rsalz@akamai.com>
To: "curdle@ietf.org" <curdle@ietf.org>
Thread-Topic: Adoption of rc4-die-die-die document
Thread-Index: AQHTFsih0LuARi3xekapmVQwQpXY6g==
Date: Wed, 16 Aug 2017 19:48:28 +0000
Message-ID: <AF662C78-D0D9-4C57-8B45-B95C2311A048@akamai.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.1b.0.161010
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.19.46.75]
Content-Type: multipart/alternative; boundary="_000_AF662C78D0D94C578B45B95C2311A048akamaicom_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-08-16_08:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000 definitions=main-1708160325
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-08-16_08:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000 definitions=main-1708160326
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/hBZF4pWcoWbO_d-gKVu8SV_3Rs8>
Subject: [Curdle] Adoption of rc4-die-die-die document
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Aug 2017 19:48:34 -0000

We have adopted draft-ietf-curdle-rc4-die-die-die.  Full doc details are at https://datatracker.ietf.org/doc/draft-ietf-curdle-rc4-die-die-die/

There are concerns that this document is over-reaching our charter, and that a document to remove RC4 from all protocols is beyond our scope.  It is hard to argue with that ☺

Should we ask to expand the charter?  Daniel suggested maybe a crypto policy document, but that probably belongs in SAAG or even IESG.

So what should be taken out of this document so that we can move forward?   Or should we ask for the ability to condemn RC4 for all of the IETF?

v2.23.0 | Report a Bug | By Email