Re: Security for various IETF services

Dick Franks <rwfranks@acm.org> Fri, 04 April 2014 20:13 UTC

Return-Path: <rwfranks@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C00E11A0238 for <ietf@ietfa.amsl.com>; Fri, 4 Apr 2014 13:13:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.277
X-Spam-Level:
X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AttD7z0tBDOU for <ietf@ietfa.amsl.com>; Fri, 4 Apr 2014 13:13:11 -0700 (PDT)
Received: from mail-yh0-x231.google.com (mail-yh0-x231.google.com [IPv6:2607:f8b0:4002:c01::231]) by ietfa.amsl.com (Postfix) with ESMTP id 521321A041A for <ietf@ietf.org>; Fri, 4 Apr 2014 13:13:11 -0700 (PDT)
Received: by mail-yh0-f49.google.com with SMTP id z6so3579188yhz.22 for <ietf@ietf.org>; Fri, 04 Apr 2014 13:13:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=qJigv8O6PGsTz5qd1XiAMxNEfQr2SktetR6OoOE4w8s=; b=DzvWruwYP7w0GImhrDXrdXG5sMDbaULMb+PVyxfHVyeGvoGWhJLzl+uoDwPVKm6lA3 k0RNp2FjasUnyVCwMhsYqNMlK0AHuzBv9Kb1vD6Ed0qMplY3mdOxmW9HbtfWE9f4iTgc zsR0PZEPNWj9FQnzvq0r+Zq4KuwpDhHqmKzwj88S5GGPrp3OhUXDWvWh1OLFT5L0i6lt mXBqs9dpI8kNGvRTBhCgIQxPYZ7GFtzOtGWZO0Ha5+RUEula+MZ43mDCwuk8opfkH9WK xvwMuuejcIOrRbLaL5X3Jmo6scuShqDGJBzfQdUv4n05DR27S6Ledb8OmIdshUk7upYQ J/iQ==
X-Received: by 10.236.77.165 with SMTP id d25mr12674622yhe.119.1396642386559; Fri, 04 Apr 2014 13:13:06 -0700 (PDT)
MIME-Version: 1.0
Sender: rwfranks@gmail.com
Received: by 10.170.129.143 with HTTP; Fri, 4 Apr 2014 13:12:26 -0700 (PDT)
In-Reply-To: <533F0C7B.9090705@isdg.net>
References: <533D8A90.60309@cs.tcd.ie> <533EEF35.7070901@isdg.net> <CAKW6Ri5_Ty6rVsMTBKXEjC6r7Mg-o8pZoLQP+yJ4pBwqOF-nYw@mail.gmail.com> <533F0C7B.9090705@isdg.net>
From: Dick Franks <rwfranks@acm.org>
Date: Fri, 4 Apr 2014 21:12:26 +0100
X-Google-Sender-Auth: F8ECh9tNjUWlbrSvIQi67n7A5_k
Message-ID: <CAKW6Ri699AuEOf-qf-iZ7vNdD7iEdF4uEnwX-HGB31EshJ_OXQ@mail.gmail.com>
Subject: Re: Security for various IETF services
To: Hector Santos <hsantos@isdg.net>
Content-Type: multipart/alternative; boundary=20cf30050d7e54488f04f63d257e
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/JY-WANrGDZLGpnGEvMIxdbwh3tg
Cc: IETF-Discussion <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Apr 2014 20:13:16 -0000

On 4 April 2014 20:48, Hector Santos <hsantos@isdg.net> wrote:

>
> Everyone else has already touch based with the same issues.


>  Silence could easily be misconstrued as acceptance.

[snip]

>   Stephen asked about the last sentence:
>
>   New services will however generally only be made
>   available in ways that use security protocols such as
>   TLS.
>
> Which to my eye looks like a conclusion;  without shred of justification
and before any meaningful discussion has taken place.


26 messages on and the consensus thus far is that an answer to Lloyd Wood's
one-liner is very much required.