Re: Security for various IETF services

Scott Brim <scott.brim@gmail.com> Tue, 08 April 2014 14:06 UTC

Return-Path: <scott.brim@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1ABA71A0401 for <ietf@ietfa.amsl.com>; Tue, 8 Apr 2014 07:06:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rFwXVGLV0_K0 for <ietf@ietfa.amsl.com>; Tue, 8 Apr 2014 07:06:40 -0700 (PDT)
Received: from mail-ob0-x22d.google.com (mail-ob0-x22d.google.com [IPv6:2607:f8b0:4003:c01::22d]) by ietfa.amsl.com (Postfix) with ESMTP id 44C221A03FD for <ietf@ietf.org>; Tue, 8 Apr 2014 07:06:40 -0700 (PDT)
Received: by mail-ob0-f173.google.com with SMTP id gq1so1033653obb.4 for <ietf@ietf.org>; Tue, 08 Apr 2014 07:06:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=79vM/BXJO5JUVg6bCU8PEaY4K+2BF9uoY/ZyzCRsZ6U=; b=Wvv6V0ZtULnzDit+GF/qui9yUNJ25lnR4erMy4Zf8ePyZZRyuLuYj77FUb2+Ikoj68 VkALAtP9oH9N3kBJ6s0n4b4ZEbhlu19toS36h82P7V56nipsg3mowTR36l2IwVi5CRkj 97eOtJe3AuNE+z5znDak1WXBxAdG2HhHF3hTxk76KUqS0IafIy6ATZqiewz8zsXs99Nd Y/+1JbnaKR3rEJtc0hHGOHGjd8tbIO4SB9fA24onME28OqdBP/6o/dyAROv7EJ8ykxhs I5VbiDsyLBhmE6of3ijVXAw08R+hFF3rTe+Yi8oLcM6clXE0ZLEKzDZ8PVCy+e3Gv0Co BlBQ==
X-Received: by 10.182.241.67 with SMTP id wg3mr3537312obc.16.1396966000068; Tue, 08 Apr 2014 07:06:40 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.182.48.9 with HTTP; Tue, 8 Apr 2014 07:06:18 -0700 (PDT)
In-Reply-To: <AE1A6B5FD507DC4FB3C5166F3A05A484504B5176@TK5EX14MBXC298.redmond.corp.microsoft.com>
References: <533D8A90.60309@cs.tcd.ie> <53417832.90405@cs.tcd.ie> <alpine.LRH.2.01.1404061602580.14892@egate.xpasc.com> <ecabb0a4080548d99ab083c0ff0c27ee@BLUPR03MB424.namprd03.prod.outlook.com> <AE1A6B5FD507DC4FB3C5166F3A05A484504B5176@TK5EX14MBXC298.redmond.corp.microsoft.com>
From: Scott Brim <scott.brim@gmail.com>
Date: Tue, 8 Apr 2014 10:06:18 -0400
Message-ID: <CAPv4CP8ZiUnOfoNPBSqpoOHrgS2m2GNwNGmTJm+q0B=hq8y5-w@mail.gmail.com>
Subject: Re: Security for various IETF services
To: "Matthew Kaufman (SKYPE)" <matthew.kaufman@skype.net>
Content-Type: multipart/alternative; boundary=001a11c2efb832902404f6887e79
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/hUySrQ2xiiYxKCrYlqrrGt1isko
Cc: Christian Huitema <huitema@microsoft.com>, "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Apr 2014 14:06:47 -0000

On Mon, Apr 7, 2014 at 3:50 PM, Matthew Kaufman (SKYPE) <
matthew.kaufman@skype.net> wrote:

> If the same level of urgency were shown towards a viable, and secure,
> replacement for TCP itself, then the calls for secure-only access to IETF
> services might make sense. Instead, it feels a lot like requiring stronger
> deadbolts on glass doors.


FYI http://trac.tools.ietf.org/group/ppm-legacy-review/ticket/9