[Ecrit] [Fwd: DISCUSS: draft-ietf-ecrit-lost]

Hannes Tschofenig <Hannes.Tschofenig@gmx.net> Tue, 04 March 2008 08:11 UTC



-------- Original Message --------
Subject: 	DISCUSS: draft-ietf-ecrit-lost
Date: 	Mon, 3 Mar 2008 12:24:06 -0800 (PST)
From: 	Tim Polk <tim.polk@nist.gov>
To: 	iesg@ietf.org
CC: 	ecrit-chairs@tools.ietf.org, draft-ietf-ecrit-lost@tools.ietf.org



Discuss:
The introduction suggests that LoST may be appropriate for non-emergency services
as well, but does not revisit that notion anywhere else in the document.  As noted in Joe
Salowey's secdir review, there may be different threats or motivations which could affect
the applicability of LoST to such applications.  From his review:

   3) Use in non-ecrit cases - has much thought been given to the use of
   LoST in non-Ecrit cases?  There may be different threats or at least
   motivations than those covered in draft-ietf-ecrit-security-threats.
   For example, in non-ecrit cases an attacker may seek monetary benefit
   through attacking the LoST protocol to return inaccurate service mapping
   information.  The suggestion here is to either consider this case of
   non-ecrit in more detail or to state that threats outside ecrit cases
   may be different. 

At a minimum, the security considerations section should note that
non-emergency services may face a different set of threats.  The requirements
for these services should be carefully reviewed to ensure that LoST can be
used to achieve the service's security requirements.

