Re: [dna] next steps on draft-ietf-dna-simple

Ted Lemon <mellon@fugue.com> Thu, 10 December 2009 17:08 UTC

On Dec 10, 2009, at 10:51 AM, Jari Arkko wrote:
> In particular, it MUST NOT decide it has rejoined a network known to be physically secure, and proceed to abandon cryptographic protection.

I really don't like this language, because it implies that there is such a thing as a network that's physically secure, and because it suggests that there are networks on which secure protocols need not be run. Recent history would suggest otherwise (see yesterday's articles about penetration of ATM networks, for instance).

I would rather see something like this:

In particular, it MUST NOT decide that it has moved from an untrusted to a trusted network, and MUST NOT make any security decisions that depend on the determination that such a transition has occurred.