[Pals] Stephen Farrell's Abstain on draft-ietf-pals-rfc4447bis-05: (with COMMENT)
"Stephen Farrell" <stephen.farrell@cs.tcd.ie> Wed, 28 September 2016 13:59 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: pals@ietf.org
Delivered-To: pals@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 35F6512B0E7; Wed, 28 Sep 2016 06:59:07 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: The IESG <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.34.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <147507114718.16640.2286860657042732910.idtracker@ietfa.amsl.com>
Date: Wed, 28 Sep 2016 06:59:07 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/pals/ymiV7qBknPTqYVg8hk9Ez73GCNk>
Cc: stewart.bryant@gmail.com, draft-ietf-pals-rfc4447bis.all@ietf.org, draft-ietf-pals-rfc4447bis@ietf.org, pals-chairs@ietf.org, pals@ietf.org
Subject: [Pals] Stephen Farrell's Abstain on draft-ietf-pals-rfc4447bis-05: (with COMMENT)
X-BeenThere: pals@ietf.org
X-Mailman-Version: 2.1.17
List-Id: "Pseudowire And LDP-enabled Services dicussion list." <pals.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pals>, <mailto:pals-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pals/>
List-Post: <mailto:pals@ietf.org>
List-Help: <mailto:pals-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pals>, <mailto:pals-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Sep 2016 13:59:07 -0000
Stephen Farrell has entered the following ballot position for draft-ietf-pals-rfc4447bis-05: Abstain When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-pals-rfc4447bis/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- It is an embarrassment that we can't do better than TCP MD5. TCP MD5 (from 1998, RFC2385) has been obsoleted by TCP-AO (RFC 5925, from 2010), but that hasn't seen deployment. Back in 1998 (18 years ago!) RFC 2385 included an IESG note that says: "This document describes current existing practice for securing BGP against certain simple attacks. It is understood to have security weaknesses against concerted attacks." And all these years later we can still do no better when promoting a document to IS. Sigh. However, I see no point in trying to block this document on that basis. I would argue for an IESG note along the above lines if I thought that'd have any impact, but I guess it won't if, as seems to be the case, people won't move until there's a catastrophic break.
- [Pals] Stephen Farrell's Abstain on draft-ietf-pa… Stephen Farrell
- Re: [Pals] Stephen Farrell's Abstain on draft-iet… joel jaeggli
- Re: [Pals] Stephen Farrell's Abstain on draft-iet… Stephen Farrell