Re: Stephen Farrell's Discuss on draft-ietf-6man-stable-privacy-addresses-16: (with DISCUSS and COMMENT)
Brian E Carpenter <brian.e.carpenter@gmail.com> Sat, 25 January 2014 20:39 UTC
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C92D1A0041; Sat, 25 Jan 2014 12:39:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 25yLH1SaxTJV; Sat, 25 Jan 2014 12:39:16 -0800 (PST)
Received: from mail-pb0-x231.google.com (mail-pb0-x231.google.com [IPv6:2607:f8b0:400e:c01::231]) by ietfa.amsl.com (Postfix) with ESMTP id 8B15F1A0040; Sat, 25 Jan 2014 12:39:16 -0800 (PST)
Received: by mail-pb0-f49.google.com with SMTP id up15so4470060pbc.36 for <multiple recipients>; Sat, 25 Jan 2014 12:39:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=S73wORcpy4tmtm/70Gse5MyaAZXHyZVqsLBlwfbppvI=; b=TWuARh1t813zVUWKM/ULrYN1GdoevQMjv8EOsx3umqFydBe8F3gsV6Mw4B42lga/Ti QvIUAFcBdAuxgkXUwbQyo1WH0jpXh3rpALzBXoW6ttXiyHa4K7B+IlvtUTnawWAAlWAF YQeJRwF2SAPDjVjvRFly1Ol/qZe8CJBD51nbuW3CaDHBHyYpDihodzUiEVuZMpm20zPD 5s0gOlu2+02MiSACwbm30AXKPNxud6vAxJDGcHSmtHiJqwJSYk21/aYKBKelz09v5uiN jUYN89iIdh0lGKC0dUli8Ng4S6S/qAsFRC+g/TjgwyptZZaFbJ+fcNc1pKaMrrSA9tMN Za1Q==
X-Received: by 10.68.88.161 with SMTP id bh1mr21572001pbb.49.1390682355120; Sat, 25 Jan 2014 12:39:15 -0800 (PST)
Received: from [192.168.178.23] (250.199.69.111.dynamic.snap.net.nz. [111.69.199.250]) by mx.google.com with ESMTPSA id zc6sm41541157pab.18.2014.01.25.12.39.11 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 25 Jan 2014 12:39:14 -0800 (PST)
Message-ID: <52E420EE.8090104@gmail.com>
Date: Sun, 26 Jan 2014 09:39:10 +1300
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Fernando Gont <fgont@si6networks.com>
Subject: Re: Stephen Farrell's Discuss on draft-ietf-6man-stable-privacy-addresses-16: (with DISCUSS and COMMENT)
References: <20140121155253.23475.70004.idtracker@ietfa.amsl.com> <52DE9E63.5050404@si6networks.com> <52DEA496.9000000@viagenie.ca> <52DEB873.1080500@cs.tcd.ie> <52DEC5C8.7080903@si6networks.com> <52E130A7.5050102@cisco.com> <52E14FBB.1070901@si6networks.com>
In-Reply-To: <52E14FBB.1070901@si6networks.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: 6man-chairs@tools.ietf.org, ipv6@ietf.org, Lloyd Wood <L.Wood@surrey.ac.uk>, Eliot Lear <lear@cisco.com>, The IESG <iesg@ietf.org>, draft-ietf-6man-stable-privacy-addresses@tools.ietf.org, Stephen Farrell <stephen.farrell@cs.tcd.ie>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 25 Jan 2014 20:39:18 -0000
On 24/01/2014 06:22, Fernando Gont wrote:
...
> "Since the privacy of this system relies on the secrecy of the
> secret_key parameter, implementations should constraint access to it to
> the extent practicable (e.g., require superuser privileges to access
> it). Furthermore, in order to prevent leakages of the secret_key, this
> parameter should not be used for any other purposes than being a
> parameter to the scheme specified in this document"
Nobody could conceivably object to that, but I do wonder whether the
statement "Secret keys should be kept secret" doesn't belong in a much
more generic document than this one. Actually a BCP on pitfalls surrounding
secret keys and how to protect them would be very valuable, but doesn't
belong in this WG.
Brian
- Stephen Farrell's Discuss on draft-ietf-6man-stab… Stephen Farrell
- Re: Stephen Farrell's Discuss on draft-ietf-6man-… Fernando Gont
- Re: Stephen Farrell's Discuss on draft-ietf-6man-… Simon Perreault
- Re: Stephen Farrell's Discuss on draft-ietf-6man-… Hannes Frederic Sowa
- Re: Stephen Farrell's Discuss on draft-ietf-6man-… Fernando Gont
- Re: Stephen Farrell's Discuss on draft-ietf-6man-… Fernando Gont
- Re: Stephen Farrell's Discuss on draft-ietf-6man-… Stephen Farrell
- Re: Stephen Farrell's Discuss on draft-ietf-6man-… Fernando Gont
- Re: Stephen Farrell's Discuss on draft-ietf-6man-… Stephen Farrell
- Stephen Farrell's Discuss on draft-ietf-6man-stab… Stephen Farrell
- Re: Stephen Farrell's Discuss on draft-ietf-6man-… Thomas Narten
- Re: Stephen Farrell's Discuss on draft-ietf-6man-… Eliot Lear
- Re: Stephen Farrell's Discuss on draft-ietf-6man-… Fernando Gont
- Re: Stephen Farrell's Discuss on draft-ietf-6man-… Fernando Gont
- Re: Stephen Farrell's Discuss on draft-ietf-6man-… Brian E Carpenter
- Re: Stephen Farrell's Discuss on draft-ietf-6man-… Fernando Gont
- RE: Stephen Farrell's Discuss on draft-ietf-6man-… Christian Huitema
- RE: Stephen Farrell's Discuss on draft-ietf-6man-… l.wood
- RE: Stephen Farrell's Discuss on draft-ietf-6man-… l.wood
- RE: Stephen Farrell's Discuss on draft-ietf-6man-… Christian Huitema
- Re: Stephen Farrell's Discuss on draft-ietf-6man-… Doug Barton