Re: [Ideas] Spencer Dawkins' Yes on charter-ietf-ideas-00-00: (with COMMENT)
"Alvaro Retana (aretana)" <aretana@cisco.com> Mon, 11 September 2017 22:14 UTC
From: "Alvaro Retana (aretana)" <aretana@cisco.com>
To: Spencer Dawkins <spencerdawkins.ietf@gmail.com>, The IESG <iesg@ietf.org>
CC: "ideas-chairs@ietf.org" <ideas-chairs@ietf.org>, "ideas@ietf.org" <ideas@ietf.org>
Date: Mon, 11 Sep 2017 22:14:24 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/nwYK1_Q0IyqxK6T2KjFHvXYqipk>

Spencer:

Hi!

The support documents are listed as examples, and the current intent is not to publish them.

I fully expect the Framework to have appropriate Security Considerations (i.e. not a section saying that other documents will consider security) so that every future document doesn’t have to re-examine, at least the general portion. Other documents may obviously contain specific considerations applicable to them (for extensions, protocols, etc.).

If you want to, I can add a line pointing explicitly at general security implications of GRIDS as part of the items that should be considered when developing the framework.

Thanks!

Alvaro.

On 9/8/17, 6:01 PM, "Spencer Dawkins" <spencerdawkins.ietf@gmail.com> wrote:

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

If only "Yes, but ..." was a position I could select ...

I'm really glad to see this going forward - enough to ballot "Yes".

This looks like a framework that could be used in a number of use cases, and my "Yes, but ..." is that it's not clear to me, how much analysis of ID/Loc separation security implications that some folks downstream are going to have to do, when using this framework.

I'm remembering an exchange with a document editor on the last telechat that could be summarized as "we didn't do the work on general security implications of X, so each usage of X has to do that work itself, rather than pointing to previous work". OK, if that's where we are, but IDEAS hasn't already done the same thing (yet).

I'm looking at deliverables like "Requirements for identity authentication and authorization service (for GRIDS)" and "Threat model document", so I know there's SOMEthing in there, but I don't know what else might be required, if someone wanted to think about the general security implications of GRIDS, and I note that those deliverables are listed as living drafts or wiki entries, which doesn't sound like anything GRIDS framework usages would be able to point to, when they need to look at security implications.

Is a look at general security implications, in a form that specific framework usages can point to, on the table for IDEAS? (It doesn't have to be, for me to ballot Yes, but I did have to ask, right?)