RE: Security for various IETF services

<l.wood@surrey.ac.uk> Fri, 04 April 2014 02:46 UTC

From: <l.wood@surrey.ac.uk>
To: <randy@psg.com>
Date: Fri, 4 Apr 2014 03:46:34 +0100
Subject: RE: Security for various IETF services
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/kd-xGT8wIsOrA1Agc9un5f_aq4s
Cc: ietf@ietf.org
List-Id: IETF-Discussion <ietf.ietf.org>

Randy,

Security was encouraged to be the primary focus of the
DTNRG research group, above and beyond application
scenarios, or anything else. Examining years of list
discussion will confirm that. It's what happens when
you let security people run things as they see fit,
with their natural bias towards security above all
else.

Focus on security, you can get security. You won't get
users, or anything useful for the scenario,
but you can get security.


Lloyd Wood
http://sat-net.com/L.Wood/dtn
________________________________________
From: Randy Bush [randy@psg.com]
Sent: 04 April 2014 03:07
To: Wood L  Dr (Electronic Eng)
Cc: IETF Disgust
Subject: Re: Security for various IETF services

> "because we blew it way back when, by designing a completely insecure
> and un-private internet"
> That was not a mistake. That is what made adoption possible.

this is not clear.  though, certainly, crypto would have had serious
performance impact in the early '80s.  then again, if at 9600 baud, you
can afford a bit of processing on the ends. :)

> DTN started with security from the get-go, and DTN has gone nowhere.

i was not aware that security was a major cause of the lack of success
of the dtn.

randy