Re: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)

Dave Crocker <dhc@dcrocker.net> Thu, 21 August 2014 03:34 UTC

Message-ID: <53F54F1C.1060405@dcrocker.net>
Date: Wed, 20 Aug 2014 18:45:00 -0700
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)
References: <CAMm+Lwh1xzaxqqnnbdgFQrR0pWknsHru8zjnjCMVjihymXtKNw@mail.gmail.com> <alpine.LFD.2.10.1408202100590.6648@bofh.nohats.ca> <53F548E5.2070208@cs.tcd.ie>
In-Reply-To: <53F548E5.2070208@cs.tcd.ie>
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/GB1ZkrvZowae0uxhPWP12tYK4TA
Cc: IETF Discussion Mailing List <ietf@ietf.org>

On 8/20/2014 6:18 PM, Stephen Farrell wrote:
> Personally, I think the probability that we suddenly discover any 
> significantly better term is negligible. Not because OS is 
> super-good, but rather because nothing is super-good. And
> good-enough should be good-enough here.

While there has been repeated, quick dismissal of alternative terms, I
don't recall seeing a careful consideration of candidates, with a clear
explanation for the choice(s) made, making clear why it is better (or
why its deficiencies are less onerous than those of the alternatives).

The problems with 'opportunistic' and with 'security', relative to the
actual content of this draft, have been pointed out repeatedly.  They
are significant.

Rather than again casually waving away a suggested alternative, could we
see a summary consideration of choices, please?


> In fact, I'd say so it's so negligible that attempting to find such 
> (yet again, maybe for the 8th time?) is counterproductive.

This suggests a view that vocabulary choice does not matter all that
much.  For an audience of technical insiders, that's probably true.
Provide definitions and those folk will adjust.

For a wider audience, words carry quite a lot of baggage and so the
choice of terminology matters.

Confusing adept and adapt is an example of this latter case.

So is the considerable ambiguity of the word 'security'.


> But that doesn't stop folks genuinely trying seemingly, I guess it's 
> too tempting a windmill at which to tilt;-)

Here again, Stephen, one would not expect the cognizant AD to be so
readily directive and dismissive of points being raised seriously and by
a range of different contributors.

The mere fact that there is such a broad and persistent base of concern
with 'opportunistic security' warrants taking the issue far more seriously.


d/
-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net
