Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)

Phillip Hallam-Baker <phill@hallambaker.com> Wed, 20 August 2014 22:12 UTC

Sender: hallam@gmail.com
Date: Wed, 20 Aug 2014 18:12:40 -0400
Message-ID: <CAMm+Lwh1xzaxqqnnbdgFQrR0pWknsHru8zjnjCMVjihymXtKNw@mail.gmail.com>
Subject: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment)
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: IETF Discussion Mailing List <ietf@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/boww56h5OGU3Qk3D1c8N5u5Oj0o

Opportunistic is the wrong word to use because

1) It is used already and has an existing meaning.
2) It short-changes authenticated credential approaches such as DANE and PKIX.

Adept is a much more appropriate term to describe an approach that
essentially says

1) Determine the set of available keys by algorithm X.
2) Determine the set of keys that meet the security policy by algorithm Y.
3) The set of acceptable keys is the intersection of X and Y and the
preference within that intersection is determined by algorithm Z.
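The three-step selection the message sketches, as an added example that is not part of the original post: discovery (algorithm X) collects every key the client can learn about, a policy (algorithm Y) says which keys are acceptable at all, and a preference order (algorithm Z) ranks the intersection. The key sources, the `Key`/`Policy` records, the sample keys and the preference table are all constructed for illustration; nothing here is taken from DANE or PKIX specifications.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional, Set


@dataclass(frozen=True)
class Key:
    key_id: str
    source: str          # constructed labels: "dane", "pkix" or "leap-of-faith"
    algorithm: str       # "rsa" or "ecdsa"
    bits: int
    authenticated: bool  # True if the binding of key to peer name was verified


# Constructed sample keys standing in for what discovery might return.
K_DANE = Key("k-dane", "dane", "ecdsa", 256, True)
K_PKIX = Key("k-pkix", "pkix", "rsa", 2048, True)
K_PKIX_WEAK = Key("k-pkix-weak", "pkix", "rsa", 1024, True)
K_ANON = Key("k-anon", "leap-of-faith", "rsa", 2048, False)


def discover_keys(sources: Dict[str, List[Key]]) -> Set[Key]:
    """Step 1, algorithm X: the union of every key learned from any mechanism."""
    available: Set[Key] = set()
    for keys in sources.values():
        available.update(keys)
    return available


@dataclass
class Policy:
    """Step 2, algorithm Y: what a key must satisfy to be acceptable at all."""
    require_authenticated: bool
    min_bits: Dict[str, int]          # per-algorithm minimum key size
    allowed_sources: FrozenSet[str]


def policy_accepts(key: Key, policy: Policy) -> bool:
    if policy.require_authenticated and not key.authenticated:
        return False
    if key.source not in policy.allowed_sources:
        return False
    minimum = policy.min_bits.get(key.algorithm)
    # An algorithm the policy does not mention is rejected, not assumed safe.
    if minimum is None or key.bits < minimum:
        return False
    return True


def acceptable_keys(available: Set[Key], policy: Policy) -> Set[Key]:
    """Step 3, first half: intersection of 'available' and 'meets policy'."""
    return {k for k in available if policy_accepts(k, policy)}


# Algorithm Z, constructed: prefer DNS-authenticated keys, then PKIX-chained
# ones, then unauthenticated ones; within a source prefer larger keys.
SOURCE_PREFERENCE = {"dane": 0, "pkix": 1, "leap-of-faith": 2}


def rank(keys: Set[Key]) -> List[Key]:
    """Step 3, second half: a deterministic preference order within the intersection."""
    return sorted(
        keys,
        key=lambda k: (SOURCE_PREFERENCE.get(k.source, len(SOURCE_PREFERENCE)), -k.bits, k.key_id),
    )


def select_key(available: Set[Key], policy: Policy) -> Optional[Key]:
    """Returns the most preferred acceptable key, or None when the intersection is empty."""
    ranked = rank(acceptable_keys(available, policy))
    return ranked[0] if ranked else None


# Two constructed policies: one that only accepts authenticated keys, and one that
# also tolerates an unauthenticated key when nothing better is available.
STRICT = Policy(True, {"rsa": 2048, "ecdsa": 256}, frozenset({"dane", "pkix"}))
LENIENT = Policy(False, {"rsa": 2048, "ecdsa": 256}, frozenset(SOURCE_PREFERENCE))


if __name__ == "__main__":
    found = discover_keys({"dns": [K_DANE], "tls": [K_PKIX, K_PKIX_WEAK, K_ANON]})
    print("strict  :", select_key(found, STRICT))
    print("strict  :", select_key({K_PKIX_WEAK, K_ANON}, STRICT))
    print("lenient :", select_key({K_PKIX_WEAK, K_ANON}, LENIENT))
```

The point of keeping X, Y and Z as separate functions is that the policy decides whether an unauthenticated key is ever acceptable, and the preference order decides that it is never chosen over an authenticated one that also passed policy; neither concern has to know about the other.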