IETF Logo Mail Archive

[Ideas] Spencer Dawkins' Yes on charter-ietf-ideas-00-00: (with COMMENT)

Spencer Dawkins <spencerdawkins.ietf@gmail.com> Fri, 08 September 2017 22:01 UTC

Return-Path: <spencerdawkins.ietf@gmail.com>
X-Original-To: ideas@ietf.org
Delivered-To: ideas@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id AF0F6132940; Fri, 8 Sep 2017 15:01:32 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Spencer Dawkins <spencerdawkins.ietf@gmail.com>
To: The IESG <iesg@ietf.org>
Cc: aretana@cisco.com, ideas-chairs@ietf.org, ideas@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.60.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <150490809267.17244.96544246533076816.idtracker@ietfa.amsl.com>
Date: Fri, 08 Sep 2017 15:01:32 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/rc6L4taCPnjU8875pQTT_jQmwzw>
Subject: [Ideas] Spencer Dawkins' Yes on charter-ietf-ideas-00-00: (with COMMENT)
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.22
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Sep 2017 22:01:33 -0000

Spencer Dawkins has entered the following ballot position for
charter-ietf-ideas-00-00: Yes

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)



The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/charter-ietf-ideas/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

If only "Yes, but ..." was a position I could select ...

I'm really glad to see this going forward - enough to ballot "Yes".

This looks like a framework that could be used in a number of use cases, and my
"Yes, but ..." is that it's not clear to me, how much analysis of ID/Loc
separation security implications that some folks downstream are going to have
to do, when using this framework.

I'm remembering an exchange with a document editor on the last telechat that
could be summarized as "we didn't do the work on general security implications
of X, so each usage of X has to do that work itself, rather than pointing to
previous work". OK, if that's where we are, but IDEAS hasn't already done the
same thing (yet).

I'm looking at deliverables like "Requirements for identity authentication and
authorization service (for GRIDS)" and "Threat model document", so I know
there's SOMEthing in there, but I don't know what else might be required, if
someone wanted to think about the general security implications of GRIDS, and I
note that those deliverables are listed as living drafts or wiki entries, which
doesn't sound like anything GRIDS framework usages would be able to point to,
when they need to look at security implications.

Is a look at general security implications, in a form that specific framework
usages can point to, on the table for IDEAS?

(It doesn't have to be, for me to ballot Yes, but I did have to ask, right?)

v2.23.0 | Report a Bug | By Email