Re: Security for various IETF services

Phillip Hallam-Baker <hallam@gmail.com> Thu, 10 April 2014 15:01 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9BC0A1A032A for <ietf@ietfa.amsl.com>; Thu, 10 Apr 2014 08:01:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qNuQTUh4HK0l for <ietf@ietfa.amsl.com>; Thu, 10 Apr 2014 08:00:56 -0700 (PDT)
Received: from mail-la0-x22c.google.com (mail-la0-x22c.google.com [IPv6:2a00:1450:4010:c03::22c]) by ietfa.amsl.com (Postfix) with ESMTP id 1C5951A0323 for <ietf@ietf.org>; Thu, 10 Apr 2014 08:00:50 -0700 (PDT)
Received: by mail-la0-f44.google.com with SMTP id c6so2455016lan.3 for <ietf@ietf.org>; Thu, 10 Apr 2014 08:00:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=V7YUpGAGq2ZXVsQFcwkTp5l++siWCmBvFoUhslbgUbg=; b=NXO5/7sQ1vSc9mGP8iB4PoGJc1meSihB4rMGTLj+H6tpCm5XMc0IkXf+UB5jCbn0wi AGD8jw9gzZ8ugErMMcUWK7dMXehPS51QTTISn4l0L3bszHpn1O+8NnpdHjws9QX5Iibj 9ooKV5vq/c1NDn+7yaJZtEl2bn1G3hc65SUQRriGncLI1lgSfGboaRGYHk23YBkMBmq7 xW2tDZG8rUaMpQjbHtxKPRqNAyr+9t/EHz0tOyehWYrduxVrE5UGDiql/8wjbeyJ+XXd JgQ5JSbU5yVXeR1yeUOu2dShhVK3MEqDMFrQo0nrSl7NvoT/H0kRdkW/IthV3n8zb5UF VaOg==
MIME-Version: 1.0
X-Received: by 10.112.205.35 with SMTP id ld3mr11967046lbc.1.1397142049547; Thu, 10 Apr 2014 08:00:49 -0700 (PDT)
Received: by 10.112.234.229 with HTTP; Thu, 10 Apr 2014 08:00:49 -0700 (PDT)
In-Reply-To: <82F536E3-FF79-4C35-A3E3-893A1BDD8449@nominum.com>
References: <20140409154919.11E6118C106@mercury.lcs.mit.edu> <534580AF.4080602@dcrocker.net> <CAMm+Lwi2bsj9s-h6eyYzJLpbOG8RY2yRmKSssuKoDCA-KAAH2w@mail.gmail.com> <82F536E3-FF79-4C35-A3E3-893A1BDD8449@nominum.com>
Date: Thu, 10 Apr 2014 11:00:49 -0400
Message-ID: <CAMm+LwjWKmquXKVJh2D-nGPnXFZeHt48cVDrrsC0pgaqttAqGg@mail.gmail.com>
Subject: Re: Security for various IETF services
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Ted Lemon <ted.lemon@nominum.com>
Content-Type: text/plain; charset=UTF-8
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/VipUa9L8OjG3DuafwURyzKG2yzw
Cc: IETF Discussion Mailing List <ietf@ietf.org>, Dave Crocker <dcrocker@bbiw.net>, Noel Chiappa <jnc@mercury.lcs.mit.edu>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Apr 2014 15:01:01 -0000

On Thu, Apr 10, 2014 at 10:38 AM, Ted Lemon <ted.lemon@nominum.com> wrote:
> On Apr 10, 2014, at 10:35 AM, Phillip Hallam-Baker <hallam@gmail.com> wrote:
>> There are problems with both the S/MIME and the Web of Trust models
>> which I discuss in the video presentation.
>
> Are these documented in the draft?   Because I'm not going to watch the video.

The draft does discuss them but the draft was written 3 months before
the video and my thinking has developed since I started writing code.

I don't plan to update the draft again till the code is finished. At
that point I plan to release a new set of drafts and a video showing
how to use the actual code.



-- 
Website: http://hallambaker.com/