RE: Security for various IETF services

Christian Huitema <huitema@microsoft.com> Sun, 06 April 2014 23:30 UTC

Return-Path: <huitema@microsoft.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB0871A01C7 for <ietf@ietfa.amsl.com>; Sun, 6 Apr 2014 16:30:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.602
X-Spam-Level:
X-Spam-Status: No, score=-2.602 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 83hZa0rZRJBf for <ietf@ietfa.amsl.com>; Sun, 6 Apr 2014 16:30:20 -0700 (PDT)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2lp0240.outbound.protection.outlook.com [207.46.163.240]) by ietfa.amsl.com (Postfix) with ESMTP id 9025B1A0584 for <ietf@ietf.org>; Sun, 6 Apr 2014 16:30:19 -0700 (PDT)
Received: from BLUPR03MB424.namprd03.prod.outlook.com (10.141.78.152) by BLUPR03MB423.namprd03.prod.outlook.com (10.141.78.150) with Microsoft SMTP Server (TLS) id 15.0.908.10; Sun, 6 Apr 2014 23:30:12 +0000
Received: from BLUPR03MB424.namprd03.prod.outlook.com ([10.141.78.152]) by BLUPR03MB424.namprd03.prod.outlook.com ([10.141.78.152]) with mapi id 15.00.0908.008; Sun, 6 Apr 2014 23:30:12 +0000
From: Christian Huitema <huitema@microsoft.com>
To: "ietf@ietf.org" <ietf@ietf.org>
Subject: RE: Security for various IETF services
Thread-Topic: Security for various IETF services
Thread-Index: AQHPT1jcTXDUfJOah0OH2ltCrxPwgZsEwa4AgAB5wwCAAATOIA==
Date: Sun, 6 Apr 2014 23:30:11 +0000
Message-ID: <ecabb0a4080548d99ab083c0ff0c27ee@BLUPR03MB424.namprd03.prod.outlook.com>
References: <533D8A90.60309@cs.tcd.ie> <53417832.90405@cs.tcd.ie> <alpine.LRH.2.01.1404061602580.14892@egate.xpasc.com>
In-Reply-To: <alpine.LRH.2.01.1404061602580.14892@egate.xpasc.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [24.16.156.113]
x-forefront-prvs: 0173C6D4D5
x-forefront-antispam-report: SFV:NSPM; SFS:(10009001)(6009001)(428001)(199002)(189002)(50986001)(94316002)(95666003)(86362001)(49866001)(87936001)(97186001)(69226001)(80976001)(76786001)(87266001)(31966008)(83072002)(92566001)(56816005)(47976001)(2656002)(85852003)(74662001)(97336001)(47446002)(53806001)(74316001)(74876001)(95416001)(76482001)(74502001)(90146001)(94946001)(47736001)(93516002)(46102001)(85306002)(93136001)(54356001)(63696002)(33646001)(81542001)(66066001)(54316002)(76576001)(81342001)(81816001)(74366001)(76796001)(98676001)(59766001)(4396001)(65816001)(81686001)(80022001)(83322001)(20776003)(56776001)(77982001)(99396002)(79102001)(74706001)(24736002); DIR:OUT; SFP:1101; SCL:1; SRVR:BLUPR03MB423; H:BLUPR03MB424.namprd03.prod.outlook.com; FPR:605BF61F.1D14F4E9.6DE013B8.C4E9A1CC.20133; MLV:sfv; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (: microsoft.com does not designate permitted sender hosts)
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.onmicrosoft.com
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/AuRGN_6eV7T4xP2Tnv-E9DB4Dhw
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Apr 2014 23:30:26 -0000

> I agree with those who've said a threat analysis is needed before
> deciding access is limited to TLS or other secure alternative.

But we have that threat analysis, and the recommended mitigation is precisely "encrypt everything." The "pervasive monitoring" threat is analyzed by a number of perpass drafts, and Stephen has merely followed the conclusions of that analysis. There is no need to repeat that analysis for each and every tool that the IETF produces, and there is indeed a need for the IETF as a whole to "lead by example."

-- Christian Huitema