Re: On the costs of old systems (was Re: Call for Community Feedback: Retiring IETF FTP Service)

Phillip Hallam-Baker <phill@hallambaker.com> Thu, 03 December 2020 20:17 UTC

To: Rich Kulawiec <rsk@gsp.org>
Cc: IETF Discussion Mailing List <ietf@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/LG_D1Ui2PtaOSU4rmq-3WkzzlCM>

Let's flip the question round.

I have developed a cryptographic format that is purpose designed to provide
a blockchain / CT like means of signing a series of documents. It could be
used to provide a standards based signature over the IETF document corpus
(something that Russ has already done using CMS technology but couldn't
have done using a standards based hash chain approach at the time because
of the Haber-Stornetta patent).

So what should be the criteria for deploying my new technology on the IETF
site and why should they be any different to insisting on continued support
for the old?

The obvious approach is to consider the costs and the benefits but we also
need to consider the alternatives to an IETF service.

Costs:

How much effort to perform initial installation?
How much effort is required to manage installation when transitioning
service to a new system?
What is the security impact? How much does this cost to monitor?
How often does the system require administrative intervention (e.g. recover
from crashes)?

Benefits:

What is the benefit to the IETF community?
What is the benefit to the IETF corporation?
What is the wider benefit?

Alternatives:

Can this service be provided by anyone else?
Is there a particular benefit to the IETF providing the service over any
other provider?


Now the reason to not deploy the Mesh right now is I haven't finished the
code. But assuming I had, it is a format that is purpose designed to
provide a forensic authentication of data added to a repository over time.
So it is something the IETF can only do for itself. FTP is not.