Re: [Dime] RE : Re: AW: unexpected consequence of deprecating E2E security in RFC 3588 bis

Glen Zorn <glenzorn@gmail.com> Mon, 01 October 2012 03:34 UTC


On 09/30/2012 08:48 PM, Stephen Farrell wrote:

> Just checking I've got this right. The plan now is to say you MUST
> NOT send "e2e-sensitive" AVPs without e2e security

Or explicit policy that says it's OK.

> and to have a list
> of currently known e2e-sensitive AVPs in 3588bis.

Yup.

> If so, that seems
> like a good thing to me.

OK, cool.

> Maybe consider an IANA registry listing the e2e-sensitive AVPs that
> could be updated via expert review for when the current list gets
> outdated? Could be done later if needed though, so just a
> suggestion.

I think later is better.

...