Re: Security for various IETF services

"Fred Baker (fred)" <fred@cisco.com> Fri, 04 April 2014 00:01 UTC

Return-Path: <fred@cisco.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2524F1A03DB for <ietf@ietfa.amsl.com>; Thu, 3 Apr 2014 17:01:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -114.511
X-Spam-Level:
X-Spam-Status: No, score=-114.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RdJnFT4EfqZF for <ietf@ietfa.amsl.com>; Thu, 3 Apr 2014 17:01:21 -0700 (PDT)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) by ietfa.amsl.com (Postfix) with ESMTP id 356371A03D7 for <ietf@ietf.org>; Thu, 3 Apr 2014 17:01:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1581; q=dns/txt; s=iport; t=1396569677; x=1397779277; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=R35eG5PuXDwBAl0mH1iw67HBfZvhu3iqZGONl/atvuA=; b=RD8ytWVVzaqxVZv9dvy5Rqk0u2dSQJ3mmxFyzDiEnmllUa889od2tT3Z qy8WuDUfy76DmNI7cIVAp2dsjehxJ91+lJWaGmEeKbCIZJh3n9EYJfYvI hXG4xhDNkbm5HGWfW13uJfc2weR8+Tq0bFBpgLwI+EROlizEJcmMFMPYF g=;
X-Files: signature.asc : 195
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AkQFAJr1PVOtJA2G/2dsb2JhbABXgwY7V8N/gRwWdIIlAQEBAwF5BQsCAQhGMiUCBA4FDodjCK53oFwXjnEHCYMbgRQBA5BfgTWGR4E0kQqDMIIr
X-IronPort-AV: E=Sophos; i="4.97,791,1389744000"; d="asc'?scan'208"; a="314985401"
Received: from alln-core-12.cisco.com ([173.36.13.134]) by rcdn-iport-7.cisco.com with ESMTP; 04 Apr 2014 00:01:16 +0000
Received: from xhc-aln-x05.cisco.com (xhc-aln-x05.cisco.com [173.36.12.79]) by alln-core-12.cisco.com (8.14.5/8.14.5) with ESMTP id s3401G6L015142 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 4 Apr 2014 00:01:16 GMT
Received: from xmb-rcd-x09.cisco.com ([169.254.9.247]) by xhc-aln-x05.cisco.com ([173.36.12.79]) with mapi id 14.03.0123.003; Thu, 3 Apr 2014 19:01:16 -0500
From: "Fred Baker (fred)" <fred@cisco.com>
To: "dcrocker@bbiw.net" <dcrocker@bbiw.net>
Subject: Re: Security for various IETF services
Thread-Topic: Security for various IETF services
Thread-Index: AQHPT1jb9RjrCInNDUKc3+ugPcK7EpsAuYgAgAAjUICAAARUgIAAAs6AgAADIgA=
Date: Fri, 4 Apr 2014 00:01:15 +0000
Message-ID: <E361A3FC-18FB-459E-819B-4C782F7E99F7@cisco.com>
References: <533D8A90.60309@cs.tcd.ie> <290E20B455C66743BE178C5C84F1240847E779EEB6@EXMB01CMS.surrey.ac.uk> <p06240601cf639cb2113b@[99.111.97.136]> <F8AEEDAE-C8BB-4979-8122-1110DFF62770@cisco.com> <533DF3A9.4030201@dcrocker.net>
In-Reply-To: <533DF3A9.4030201@dcrocker.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.19.64.115]
Content-Type: multipart/signed; boundary="Apple-Mail=_54E015C1-DB32-48AE-B673-328CA7C10B42"; protocol="application/pgp-signature"; micalg=pgp-sha1
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/M4EVdGy131NXiJUqI8BJeuDNhOo
Cc: "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Apr 2014 00:01:25 -0000

On Apr 3, 2014, at 4:50 PM, Dave Crocker <dhc@dcrocker.net> wrote:

> ps. The other reason for using https is privacy to reduce traffic analysis and other meta-data review.  This is quite separate from keeping IETF data 'confidential'.

I’m actually not in the least interested in IETF data “confidentiality”. It’s not confidential.

If someone can hijack 8.8.8.8 and send it to a DNS server in their favorite country, they can hijack ietf.org or 2001:1900:3001:11::2c and send it to a web server of their choice. I’d like for information from the IETF to be verifiably authentic. That includes, of course, a signature on the file and at least a signature in flight. If the way to get something equivalent to a signature is encryption in the IETF’s private key, whatever. But not a key that can be copied and reused to sign/encrypt corrupted data.