Re: Security for various IETF services

Spencer Dawkins <spencerdawkins.ietf@gmail.com> Mon, 07 April 2014 14:13 UTC

Return-Path: <spencerdawkins.ietf@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0249A1A0449; Mon, 7 Apr 2014 07:13:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rXdsfa332s91; Mon, 7 Apr 2014 07:13:08 -0700 (PDT)
Received: from mail-ob0-x22f.google.com (mail-ob0-x22f.google.com [IPv6:2607:f8b0:4003:c01::22f]) by ietfa.amsl.com (Postfix) with ESMTP id D4E691A0431; Mon, 7 Apr 2014 07:13:06 -0700 (PDT)
Received: by mail-ob0-f175.google.com with SMTP id uy5so6554377obc.6 for <multiple recipients>; Mon, 07 Apr 2014 07:13:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=Fq/BhaxJcKqV4EvcFRn+n1dqRwPYCoRFSKSByrnhI5o=; b=aXDSRqgv0EjdWR9jIviTH27McM18dHATZrGwWmTf7SqPmQrWiuRtyuQ6YugDPJuM8h ubJo8cB0omcB3uCZOoHZ4kWdbRYT3G1CuWS3K3AfuvrVuZOZh5ucTbpjRKZLzSZVfxqG HF6W+Nj0qiO1cJWmknBkE+wddMeO+LW7ZZgq+a+yRSsSBi9ERVHukkk9tz0Mp3HCQlEb GK2PEG0XjQCPEbzjzloNh5MVcpUbH/wwsJP/2ihT0Qt8VJiPyv4c9CLQIBsRpqk0Vk+d Lxbh5vg612wD+a0+D6+OMKOok8oo1S9G1LUBI4cx6gKqwxUBRkFN3nJkr0lCoQIKlmTk 4sEg==
X-Received: by 10.60.159.36 with SMTP id wz4mr35506486oeb.30.1396879981218; Mon, 07 Apr 2014 07:13:01 -0700 (PDT)
Received: from [192.168.0.13] (cpe-76-187-7-89.tx.res.rr.com. [76.187.7.89]) by mx.google.com with ESMTPSA id dh8sm76912274oeb.10.2014.04.07.07.12.59 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 07 Apr 2014 07:13:00 -0700 (PDT)
Message-ID: <5342B26B.5020704@gmail.com>
Date: Mon, 07 Apr 2014 09:12:59 -0500
From: Spencer Dawkins <spencerdawkins.ietf@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
To: Ted Lemon <ted.lemon@nominum.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: Security for various IETF services
References: <533D8A90.60309@cs.tcd.ie> <533EEF35.7070901@isdg.net> <27993A73-491B-4590-9F37-0C0D369B4C6F@cisco.com> <CAHBU6iuX8Y8VCgkY1Qk+DEPEgN2=DWbNEWVffyVmmP_3qmmmig@mail.gmail.com> <53427277.30707@cisco.com> <B275762E-3A1A-44A3-80BE-67F4C8B115B2@trammell.ch> <53428593.3020707@cs.tcd.ie> <A33A3F1E-8F6D-4BD9-8D1B-B24FBCD74D8D@nominum.com>
In-Reply-To: <A33A3F1E-8F6D-4BD9-8D1B-B24FBCD74D8D@nominum.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/cpr6RGF2CPWzz_wVv7HC0UxNCgQ
Cc: Stewart Bryant <stbryant@cisco.com>, Tim Bray <tbray@textuality.com>, IETF-Discussion <ietf@ietf.org>, The IESG <iesg@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Apr 2014 14:13:14 -0000

On 04/07/2014 08:03 AM, Ted Lemon wrote:
> On Apr 7, 2014, at 7:01 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
>> Yes, we ought move away from passwords if/when we ever find an
>> acceptably better solution, and yes, people ought manage their
>> passwords well, but neither are today's reality more's the pity.
> Perhaps it would be worth setting up support for client certs as a way to log in to IETF services.   If we won't start, why would someone else?

(Speaking as 1/15th, but only 1/15th, of the IESG that's asking for 
community input on this topic)

For me, "If we won't start, why would someone else?" was a significant 
consideration. I'm not locked in on any particular path, but I thought 
it was useful to ask about this was that if the IETF can't make an 
improved security environment work, that's not a good sign 
(http://en.wikipedia.org/wiki/Eating_your_own_dog_food).

We can spin up new working groups to address problems we encounter. Most 
communities seeking to improve their security environment can't do that.

So, from my own perspective, on-by-default would be sufficient to find 
out what I'd like to find out ... but I'd love to find out at least part 
of what we'd like to know, in a post-Snowdon world.

We could find out something, without making Stewart run a 
state-of-the-art secure environment on his IoT device to FTP Internet 
Drafts.

Spencer