Re: 10 years and no ubiquitous security
William Allen Simpson <wsimpson@greendragon.com> Mon, 18 March 2002 20:44 UTC
Message-ID: <3C964A5C.2FBBBF12@greendragon.com>
Date: Mon, 18 Mar 2002 15:16:12 -0500
From: William Allen Simpson <wsimpson@greendragon.com>
Organization: DayDreamer
To: ietf@ietf.org
CC: ipsec@lists.tislabs.com
Subject: Re: 10 years and no ubiquitous security
References: <20020318161833.084837B4B@berkshire.research.att.com>

"Steven M. Bellovin" wrote:
>
> In message <3C93EEA3.28833ABD@greendragon.com>, William Allen Simpson writes:
>
> Right. The only copy I could find was from 1996, but I don't think
> that that difference is important.
> (http://www.watersprings.org/pub/id/draft-simpson-ipsec-enhancement-00.txt)

Remember, the WG chair objected to my drafts being draft-ietf-ipsec-, and so they were reissued in 1996 as draft-simpson-, restarting at -00.

To the middle of your message, why is it a problem that we were so brilliant that we prevented a threat before somebody else documented the attack? We are engineers, not cryptanalysts. It seemed obvious.

Anyway, _you_ had the integrity to admit you were wrong. Thanks! (I just wasn't sure I should mention your name in a negative context.)

> ... But except for VPN scenarios, most people choose
> not to use it. I think there's a lesson there, but I fail to see how
> Steve Kent or any of the other players in the history of IPsec are at
> all at fault.
>

Because the so-called "standard" is hard to understand, hard to implement, hard to install, and hard to use -- and now verified to have security failures, some of which I documented at least 6 years ago. Other than that?

As you may remember, Photuris was designed to start itself automatically, without significant user intervention. (Somebody else just noticed the ICMP Security Failures messages.)

Another of the things I used to do: have an Operational Considerations section in my drafts. Anything with a lot of configuration and dependencies has too many points of failure.

But I'm so disgusted with Ran denying that other people did any work, or that he knew about it, that I'm hoping the thread will end. Surely, the secretariate mistyped that string in 1992 (on page 363). Oh well, it's not the first time I've caught him in a lie....

The point was made: we've been delayed and obfuscated into oblivion. The WG has been spinning its wheels for a decade.

--
William Allen Simpson
    Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32