IETF Logo Mail Archive

Re: Comments on draft-mm-wg-effect-encrypt-11

Brian Trammell (IETF) <ietf@trammell.ch> Tue, 02 May 2017 10:36 UTC

Return-Path: <ietf@trammell.ch>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AB658126BFD; Tue, 2 May 2017 03:36:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.8
X-Spam-Level:
X-Spam-Status: No, score=0.8 tagged_above=-999 required=5 tests=[BAYES_50=0.8] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aAigLu78cBl5; Tue, 2 May 2017 03:36:11 -0700 (PDT)
Received: from capri.iway.ch (capri.iway.ch [IPv6:2001:8e0:40:325::45]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7A97F1315C5; Tue, 2 May 2017 03:32:17 -0700 (PDT)
Received: from gozo.iway.ch (localhost [127.0.0.1]) by localhost (Postfix) with ESMTP id 3E36D34053A; Tue, 2 May 2017 12:32:15 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1]) by localhost (ACF/7408.13995); Tue, 2 May 2017 12:32:14 +0200 (CEST)
Received: from switchplus-mail.ch (switchplus-mail.ch [212.25.8.236]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by gozo.iway.ch (Postfix) with ESMTPS; Tue, 2 May 2017 12:32:14 +0200 (CEST)
Received: from [195.176.111.24] (account ietf@trammell.ch HELO public-docking-cx-1383.ethz.ch) by switchplus-mail.ch (CommuniGate Pro SMTP 6.1.14) with ESMTPSA id 16221086; Tue, 02 May 2017 12:32:14 +0200
Subject: Re: Comments on draft-mm-wg-effect-encrypt-11
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
Content-Type: multipart/signed; boundary="Apple-Mail=_117FFD57-6E25-4954-8304-95B9F8A4DAAF"; protocol="application/pgp-signature"; micalg="pgp-sha512"
X-Pgp-Agent: GPGMail
From: Brian Trammell <ietf@trammell.ch>
In-Reply-To: <C49A16E7-1680-4FC9-A423-15A32EFF3D8F@mnot.net>
Date: Tue, 02 May 2017 12:32:13 +0200
Cc: IESG <iesg@ietf.org>, IETF Discussion Mailing List <ietf@ietf.org>
Message-Id: <21A01174-4FB6-4F8C-AA3D-DCF6D1FEBA01@trammell.ch>
References: <C49A16E7-1680-4FC9-A423-15A32EFF3D8F@mnot.net>
To: Mark Nottingham <mnot@mnot.net>
X-Mailer: Apple Mail (2.3124)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/4ibVqMUj8Q3nx0LN3R8aEf7X0Jw>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 May 2017 10:36:14 -0000

hi Mark,

...hm, apparently I *will* comment on the structure of the current document, inline below...

> On 01 May 2017, at 05:45, Mark Nottingham <mnot@mnot.net> wrote:
> 
> Overall, this document reads as if it was originally written to highlight the downsides of increased use of encryption, and then rewritten to be more neutral in tone. Unfortunately, some of the original intent posited there still seeps through.
> 
> In doing so, it often fails to convey that there are any options other than "this has to be done by the network." I know that this has been cast as a survey of potential impacts, and therefore doesn't necessary need to enumerate alternatives, but the way that it's written could easily lead a reader to think that there aren't alternatives. It also is odd that alternatives are not enumerated when they're often well-known, and the really interesting issues are in the tradeoffs between doing something in the network (i.e., as a third party) vs. by one of the endpoints (a first party to communication) or their delegates.

I think the statement of alternatives is a different document, though; it's one that needs to be written, yes, but the division of problem space and solution space is IMO useful here. I see this as the analogous to the split between RFC 7624 and draft-iab-privsec-confidentiality-mitigations. It was quite useful in having the former as a complete statement of what we think the problem is (in more detail that 7258's declaration) before recommending solutions. And, indeed, it's entirely possible that an IETF consensus statement on the solutions available for a given problem is "we have decided that this is not actually a problem we should design for", as in RFC 2804.

Cheers,

Brian

v2.23.0 | Report a Bug | By Email