[DNSOP] on staleness of code points and code (mentions MD5 commentary from IETF98)

Paul Vixie <paul@redbarn.org> Mon, 27 March 2017 19:45 UTC

Message-ID: <58D96BC0.9040701@redbarn.org>
Date: Mon, 27 Mar 2017 12:45:04 -0700
From: Paul Vixie <paul@redbarn.org>
To: "dnsop@ietf.org" <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/G3UAMpGCUgXPz4S9RAPV4eR69gc>
Subject: [DNSOP] on staleness of code points and code (mentions MD5 commentary from IETF98)

evan hunt of isc just spoke at the microphones and said "an md5
validator implementation that isn't used isn't hurting anybody." on
pressure of time, the microphones had closed, so i'm commenting here.

i disagree. all code has bugs, eventually. or at least, there is no
existence proof to the contrary, and also, no reason to suspect
otherwise. so, code that is not used will not be reviewed or maintained.
it's a risk, just by existing.

also, a validator that outputs "secure" based on MD5 inputs is making a
promise it can't keep. no one should believe such an output, but there is
no way to signal such a policy -- other than by removing the code point,
and the code that implements it.

P Vixie
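The policy point in the message above, as an added example that is not part of Vixie's post or any validator's code: a small Python model of how a validator's algorithm-support set decides what it reports. Per RFC 4035 section 5.2, a DS set whose algorithms the validator does not implement makes the zone "insecure" (treated as unsigned), never "secure"; the function and constant names, the sample DS records and the `verify` callback are constructed for this example.

```python
# Added example: DNSSEC algorithm numbers (IANA registry values).
RSAMD5 = 1            # RFC 6725: "MUST NOT IMPLEMENT"
RSASHA1 = 5
RSASHA256 = 8
ECDSAP256SHA256 = 13

# Algorithms this hypothetical validator has code for. RSAMD5 is
# deliberately absent, so no code path can ever label an RSAMD5-signed
# answer "secure".
SUPPORTED_ALGORITHMS = frozenset({RSASHA1, RSASHA256, ECDSAP256SHA256})


def parse_ds(rr: str) -> tuple[int, int, int]:
    """Parse 'owner TTL IN DS keytag alg digesttype digest' into
    (keytag, algorithm, digest_type)."""
    fields = rr.split()
    if len(fields) < 8 or fields[2] != "IN" or fields[3] != "DS":
        raise ValueError(f"not a DS record in presentation format: {rr!r}")
    return int(fields[4]), int(fields[5]), int(fields[6])


def classify_zone(ds_rrs, supported=SUPPORTED_ALGORITHMS, verify=None) -> str:
    """Return 'secure', 'insecure' or 'bogus' for a child zone given the
    parent's DS RRset. `verify(alg)` stands in for the real key/signature
    check and reports whether the chain validates under that algorithm."""
    algorithms = {parse_ds(rr)[1] for rr in ds_rrs}
    usable = algorithms & set(supported)
    if not usable:
        # RFC 4035 5.2: no supported authentication path from parent to
        # child, so treat the zone as unsigned. This is where removing the
        # MD5 code point turns a false "secure" into an honest "insecure".
        return "insecure"
    if verify is not None and any(verify(alg) for alg in usable):
        return "secure"
    return "bogus"


# Constructed sample records (digests are placeholders, not real hashes).
DS_MD5 = "example. 3600 IN DS 12345 1 1 0000000000000000000000000000000000000000"
DS_SHA256 = "example. 3600 IN DS 54321 8 2 1111111111111111111111111111111111111111111111111111111111111111"

if __name__ == "__main__":
    always_ok = lambda alg: True
    print(classify_zone([DS_MD5], verify=always_ok))                                   # insecure
    print(classify_zone([DS_MD5], SUPPORTED_ALGORITHMS | {RSAMD5}, always_ok))         # secure: the promise it can't keep
    print(classify_zone([DS_MD5, DS_SHA256], verify=always_ok))                        # secure, via algorithm 8
```

The second call shows the outcome the message warns about: a validator that still carries RSAMD5 code reports "secure" on MD5-only input, while dropping the code point makes the same zone "insecure".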