IETF Logo Mail Archive

Re: Last Call: <draft-ietf-tsvwg-iana-ports-09.txt> (Internet Assigned Numbers Authority (IANA) Procedures for the Management of the Service Name and Transport Protocol Port Number Registry) to BCP

Eliot Lear <lear@cisco.com> Mon, 31 January 2011 17:53 UTC

Return-Path: <lear@cisco.com>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 70FCB3A69A9; Mon, 31 Jan 2011 09:53:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.226
X-Spam-Level:
X-Spam-Status: No, score=-110.226 tagged_above=-999 required=5 tests=[AWL=0.373, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 31HQryoJ+70J; Mon, 31 Jan 2011 09:53:48 -0800 (PST)
Received: from ams-iport-1.cisco.com (ams-iport-1.cisco.com [144.254.224.140]) by core3.amsl.com (Postfix) with ESMTP id 14F993A6844; Mon, 31 Jan 2011 09:53:46 -0800 (PST)
Authentication-Results: ams-iport-1.cisco.com; dkim=neutral (message not signed) header.i=none
Received: from ams-core-4.cisco.com ([144.254.72.77]) by ams-iport-1.cisco.com with ESMTP; 31 Jan 2011 17:57:01 +0000
Received: from dhcp-10-61-100-10.cisco.com (dhcp-10-61-100-10.cisco.com [10.61.100.10]) by ams-core-4.cisco.com (8.14.3/8.14.3) with ESMTP id p0VHv0of006773; Mon, 31 Jan 2011 17:57:00 GMT
Message-ID: <4D46F7E1.8040601@cisco.com>
Date: Mon, 31 Jan 2011 18:56:49 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101207 Lightning/1.0b2 Thunderbird/3.1.7
MIME-Version: 1.0
To: Cullen Jennings <fluffy@cisco.com>
Subject: Re: Last Call: <draft-ietf-tsvwg-iana-ports-09.txt> (Internet Assigned Numbers Authority (IANA) Procedures for the Management of the Service Name and Transport Protocol Port Number Registry) to BCP
References: <20110118212603.5733.34489.idtracker@localhost> <B88A8A82-9C4A-40AC-89AF-F177260760F7@cisco.com> <ECA80A72-4E72-44D2-B40E-C90D7197E8C5@nokia.com> <4D421795.70505@isi.edu> <EFADE5D0-BB33-4418-B743-DFEC11B12740@cisco.com> <4D44F85D.5030407@isi.edu> <4D457FD9.5030905@vpnc.org> <B1E38EDF-E78E-47E2-B9A9-D7320A908217@nokia.com> <4D46CC62.1040006@vpnc.org> <3EEDEA1C-C34B-4F39-8E6E-AEDE50C1E504@nokia.com> <4D46D1D3.10701@vpnc.org> <F2152494-8C79-4A0F-951F-B3DB1D274A61@cisco.com> <4D46E2FF.7010203@cisco.com> <768DE9F6-FC0B-49B0-8244-0D97CD7BD2DA@cisco.com>
In-Reply-To: <768DE9F6-FC0B-49B0-8244-0D97CD7BD2DA@cisco.com>
X-Enigmail-Version: 1.1.1
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: IESG IESG <iesg@ietf.org>, IETF discussion list <ietf@ietf.org>, Paul Hoffman <paul.hoffman@vpnc.org>, tsvwg@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Jan 2011 17:53:50 -0000

On 1/31/11 6:51 PM, Cullen Jennings wrote:
> So first, we already have a BCP that says  more or less all protocols must implement a secure version but deployment is optional. This is a good BCP, and it comes from the right area to say that - security. It's probably impacts design work in working groups more than any other BCP. It has IETF consensus. The IESG holds protocols to this. 

But this isn't only about IETF process.  You just asked about why the
IETF is special and why 3GPP shouldn't be treated on equal footing. 
Well, then what about ITU, ISO, W3C, and Joe's Standards Body?

> Now - I am at loss to see why forcing people to use one port will make it more likely to have secure protocols. This seems crazy.  Please do enlighten me.

The vast majority of the requests I see have 0 security built in until I
ask the question.  A few come back with a plan.  Take away that lever
and I don't even get to ask the question.
> And on the topic, I'm still looking forward to an explanation of how the current CoAP design stomping all over the TLS code points would be an acceptable design. 

I missed a step there?  CoAP?

v2.23.0 | Report a Bug | By Email