RE: Security for various IETF services

<l.wood@surrey.ac.uk> Wed, 09 April 2014 09:05 UTC

Return-Path: <l.wood@surrey.ac.uk>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C24A71A079F for <ietf@ietfa.amsl.com>; Wed, 9 Apr 2014 02:05:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hjfwwNGDmi2X for <ietf@ietfa.amsl.com>; Wed, 9 Apr 2014 02:05:17 -0700 (PDT)
Received: from mail1.bemta3.messagelabs.com (mail1.bemta3.messagelabs.com [195.245.230.172]) by ietfa.amsl.com (Postfix) with ESMTP id 29D9C1A01B4 for <ietf@ietf.org>; Wed, 9 Apr 2014 02:05:17 -0700 (PDT)
Received: from [85.158.137.99:37343] by server-12.bemta-3.messagelabs.com id 47/48-14831-A4D05435; Wed, 09 Apr 2014 09:05:14 +0000
X-Env-Sender: l.wood@surrey.ac.uk
X-Msg-Ref: server-5.tower-217.messagelabs.com!1397034313!15022657!1
X-Originating-IP: [131.227.200.31]
X-StarScan-Received:
X-StarScan-Version: 6.11.1; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 29672 invoked from network); 9 Apr 2014 09:05:14 -0000
Received: from exht011p.surrey.ac.uk (HELO EXHT011P.surrey.ac.uk) (131.227.200.31) by server-5.tower-217.messagelabs.com with AES128-SHA encrypted SMTP; 9 Apr 2014 09:05:14 -0000
Received: from EXMB01CMS.surrey.ac.uk ([169.254.1.150]) by EXHT011P.surrey.ac.uk ([131.227.200.31]) with mapi; Wed, 9 Apr 2014 10:05:13 +0100
From: <l.wood@surrey.ac.uk>
To: <stephen.farrell@cs.tcd.ie>, <rwfranks@acm.org>, <daedulus@btconnect.com>
Date: Wed, 9 Apr 2014 10:05:12 +0100
Subject: RE: Security for various IETF services
Thread-Topic: Security for various IETF services
Thread-Index: Ac9Tz8JJ4cz1vFOYTpSWbn235cQZMQAAkUlS
Message-ID: <290E20B455C66743BE178C5C84F1240847E779EED0@EXMB01CMS.surrey.ac.uk>
References: <533D8A90.60309@cs.tcd.ie> <533EEF35.7070901@isdg.net> <27993A73-491B-4590-9F37-0C0D369B4C6F@cisco.com> <CAHBU6iuX8Y8VCgkY1Qk+DEPEgN2=DWbNEWVffyVmmP_3qmmmig@mail.gmail.com> <53427277.30707@cisco.com> <B275762E-3A1A-44A3-80BE-67F4C8B115B2@trammell.ch> <53428593.3020707@cs.tcd.ie> <A33A3F1E-8F6D-4BD9-8D1B-B24FBCD74D8D@nominum.com> <5342B26B.5020704@gmail.com> <011301cf532a$b4cd02a0$4001a8c0@gateway.2wire.net>, <CAKW6Ri5=6eVEKvJ3SVrFxnX9Hd1vxUFW9n4p99g=NM+LHky9kA@mail.gmail.com> <290E20B455C66743BE178C5C84F1240847E779EECE@EXMB01CMS.surrey.ac.uk>, <5345081A.8070802@cs.tcd.ie>
In-Reply-To: <5345081A.8070802@cs.tcd.ie>
Accept-Language: en-US, en-GB
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US, en-GB
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/gJTCxKyrZ1ENYpgEJJ_wEPDDIUM
Cc: ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Apr 2014 09:05:21 -0000

Stephen,

once again I refer you to
http://www.ietf.org/mail-archive/web/ietf/current/msg81787.html

> we will not suddenly forget how to do sound engineering 

oddly enough, that happens. DTNRG forgot checksums, the
end-to-end-principle, designing for embedded systems...

Lloyd Wood
http://about.me/lloydwood
________________________________________
From: Stephen Farrell [stephen.farrell@cs.tcd.ie]
Sent: 09 April 2014 09:43
To: Wood L  Dr (Electronic Eng); rwfranks@acm.org; daedulus@btconnect.com
Cc: ietf@ietf.org
Subject: Re: Security for various IETF services

I love how folks who it seems would rather we do nothing
are asking for more security process in this case.

IMO, the tools folks haven't gone terribly wrong on this in
the past and are not likely to do so in future. We are also
not developing new protocols for broad Internet use here
but rather talking about an IESG statement that those who
develop tooling and who deploy services should find useful
when considering new IETF services such as some new web
tool or remote participation tool. The statement also
reminds them to not go OTT and break stuff just in order
to improve security.

So no, we do not need a common criteria evaluation for
this and we will not suddenly forget how to do sound
engineering and no we do not need to do all that
engineering right now for every possible future service
and nor do we need to include "don't forget to do
engineering" in this IESG statement.

Regards,
S.

On 04/09/2014 03:12 AM, l.wood@surrey.ac.uk wrote:
> Gee, you don't need a threat analysis when you're going to protect against EVERYTHING!
>
> That's SECURITY!
>
> Lloyd Wood
> http://about.me/lloydwood
> ________________________________________
> From: ietf [ietf-bounces@ietf.org] On Behalf Of Dick Franks [rwfranks@acm.org]
> Sent: 09 April 2014 01:02
> To: t.p.
> Cc: IETF-Discussion
> Subject: Re: Security for various IETF services
>
> On 8 April 2014 09:32, t.p. <daedulus@btconnect.com<mailto:daedulus@btconnect.com>> wrote:
>
>
> The path that I have seen several Security ADs steer Working Groups down
> is to start with a threat analysis before deciding what counter measures
> are appropriate.
>
>
> Several contributors have been saying exactly that for almost a week.
>
> These suggestions have been answered by dismissive emails and a relentless bombardment of magic pixie dust.
>
>
>
>