Re: IAB statement on draft-farrell-perpass-attack-00
SM <sm@resistor.net> Thu, 28 November 2013 00:05 UTC
Return-Path: <sm@resistor.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5F6081ADFF2 for <ietf@ietfa.amsl.com>; Wed, 27 Nov 2013 16:05:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id icvUAc9uadxb for <ietf@ietfa.amsl.com>; Wed, 27 Nov 2013 16:05:01 -0800 (PST)
Received: from mx.ipv6.elandsys.com (mx.ipv6.elandsys.com [IPv6:2001:470:f329:1::1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A93D1AE010 for <ietf@ietf.org>; Wed, 27 Nov 2013 16:05:01 -0800 (PST)
Received: from SUBMAN.resistor.net (IDENT:sm@localhost [127.0.0.1]) (authenticated bits=0) by mx.elandsys.com (8.14.5/8.14.5) with ESMTP id rAS03Z3g029204; Wed, 27 Nov 2013 16:03:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=opendkim.org; s=mail2010; t=1385597020; bh=wqtc6JttqPrN7owokbgiisGZ1B1QSUAEMhmLWPyBXnU=; h=Date:To:From:Subject:Cc:In-Reply-To:References; b=NgufP/h6bdcUPSpWRP/bf4kTd7pWfBTorffO5Bi0oM4XFxckvNthNr0meBr5oCJQA ZwtAMMcFYwOnT19am5vmm5bz8YWhaqmIWp5oh20IdICvbE+S5Cn/C5B0qTOdQ2JFML oy6Oktj5obFgpldqkyTcwlrpO4PIHKW8XrQk3aKs=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=resistor.net; s=mail; t=1385597020; i=@resistor.net; bh=wqtc6JttqPrN7owokbgiisGZ1B1QSUAEMhmLWPyBXnU=; h=Date:To:From:Subject:Cc:In-Reply-To:References; b=SWPmrdkX0LSNA9uwUe8fW5UWJ43G+0in7ieEut8iysaofo5ou5MJ7cpxC2OD+Sjmq fEiJMLzmkRaV4UUn1SC80QpjFopLBnjRLCtZWD2+HPXhr3VfGQRUh0kejBAQ9hmmwa 3NPZ8+JIV5/cikTECN781zVyLUHiuTZhNWgaVbTE=
Message-Id: <6.2.5.6.2.20131127135641.0dfb2aa8@resistor.net>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Wed, 27 Nov 2013 14:48:36 -0800
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
From: SM <sm@resistor.net>
Subject: Re: IAB statement on draft-farrell-perpass-attack-00
In-Reply-To: <52965A8F.9090003@cs.tcd.ie>
References: <E2DA1477-C86E-441E-A33D-D47A0D67AFF3@iab.org> <6.2.5.6.2.20131127084710.0dd761c0@resistor.net> <52965A8F.9090003@cs.tcd.ie>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Nov 2013 00:05:02 -0000
Hi Stephen, At 12:48 27-11-2013, Stephen Farrell wrote: >Well, only to the same extent that any cycle of threats emerging >and us figuring out mitigations is an ongoing process, so I don't >see this as being different in that respect, after we've taken the >step to recognise that its an attack that we ought try mitigate. Ok. >Yes. (As stated in the References section.) The idea there is >to start by collating text from the various drafts that people >have already sent to the perpass list. I hope we'll get a draft >of that in the not-too-distant but I'm pretty sure that most >everyone is already familiar with the gist of the problem >here - certainly well enough to express support or not for >this draft when it gets to a last-call. (And personally I'm >hoping that LC on this one will start in the near future.) Ok. >That term was a bikeshed [2] on the perpass list already (including >a mail from your good self:-) I did mention that it was a nit. :-) >I figure s/bad actor/actor/ as suggested by PSA was the best >change. (I've a few other minor changes to make as a result >of discussion on that list as well, hope to get -01 out with >those over the weekend.) I'll defer to the authors as I have already done the nitting/bikesheding. :-) >I'm not sure if you're suggesting some change there but I think the >point you make above is already made in the (very short) draft in >which case repeating it wouldn't be that useful. The first sentence could say that it is a combined security and privacy threat. >Yeah, I like his draft too. I was quite tempted to AD-sponsor partly >to see how it irritates overly-process-oriented folks :-) The simplicity is itself a statement (see draft-thomson-perpass-statement-00). Regards, -sm
- IAB statement on draft-farrell-perpass-attack-00 IAB Chair
- Re: IAB statement on draft-farrell-perpass-attack… SM
- Re: IAB statement on draft-farrell-perpass-attack… Mary Barnes
- Re: IAB statement on draft-farrell-perpass-attack… Stephen Farrell
- Re: IAB statement on draft-farrell-perpass-attack… Jari Arkko
- Re: IAB statement on draft-farrell-perpass-attack… SM
- Re: IAB statement on draft-farrell-perpass-attack… Abdussalam Baryun
- Re: IAB statement on draft-farrell-perpass-attack… SM
- Re: [perpass] perens-perpass-appropriate-response… Martin Millnert
- RE: [perpass] perens-perpass-appropriate-response… JOSEFSSON Erik
- perens-perpass-appropriate-response-01 Bruce Perens
- RE: perens-perpass-appropriate-response-01 l.wood
- Re: perens-perpass-appropriate-response-01 Ted Lemon