Re: [Patient] [saag] Internet Draft posted as requested -

Melinda Shore <melinda.shore@nomountain.net> Tue, 19 December 2017 06:49 UTC

Return-Path: <melinda.shore@nomountain.net>
X-Original-To: patient@ietfa.amsl.com
Delivered-To: patient@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F257126C19 for <patient@ietfa.amsl.com>; Mon, 18 Dec 2017 22:49:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nomountain-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AkjPkjUYq_dZ for <patient@ietfa.amsl.com>; Mon, 18 Dec 2017 22:49:45 -0800 (PST)
Received: from mail-it0-x22d.google.com (mail-it0-x22d.google.com [IPv6:2607:f8b0:4001:c0b::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D15061205F0 for <patient@ietf.org>; Mon, 18 Dec 2017 22:49:44 -0800 (PST)
Received: by mail-it0-x22d.google.com with SMTP id m11so7453911iti.1 for <patient@ietf.org>; Mon, 18 Dec 2017 22:49:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nomountain-net.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to; bh=agGrzb0X/vnCDnJcFBOfbdnn2okHcjSe6Lu5QEh3S3c=; b=cwqKme0UXCuR3gjEDvxku6j3r42buunvfvNekwIpo+kJalYgq/sOBWBbKFhZvsimY8 LbP7ffuZ6Le185beyv2glCd0g6ZS1UhxQ6Z7dSf0OPJei+quy/zcXaT7ahgNOHnyZjhc un3HlWDgmVt0peCZ4BBNqE7jnhb0W1mv76cddYydq6KLC3NgCxLXcuNgR16ElOTl15zw WX+EUml5f3mfcs/HjeyEp0cZObLTQeT6lYcWmvvhfOJ9oqIF7vC7KjZlzIslbuljcv+6 k/JAllxO4NnbYsAYfoNhcEjt6nsMRJhz0CXyuxW6CrWp392hn8iSao8aUT7C0JcDAXUY VGcA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to; bh=agGrzb0X/vnCDnJcFBOfbdnn2okHcjSe6Lu5QEh3S3c=; b=BBZUvYgyZcU+9poJE2afFsFv5/Ms0hdEKwItPFwafbDQU2lB7ZvErpcDItOg/TTVeE WbRrR2r2Nn3UY55g0vuuIxEfP6DkkGfgq0NkwpkojflCDSOm1sIZpQFpNiaU4lHsbo0X SQe285RbHUoyXqPCN6qDPixfsogIDDpTvVENyoFb2fhssAiYUw6TAEtzoqoysFO+IKPb +32ThU01fjKcD7ODikvOrPKsLqLvDyfwlhscrAaW3owdDAC/N5o8MW+yAap+hMvGSYWR wJrFhtLtbgak0nBbulxyyKwO7pm2EDaxvvkcLn7YdbI72mbRuixJAMyKqUwwolE9bEgy LByQ==
X-Gm-Message-State: AKGB3mK+JcX6joyLUQVtnhPLvo89qlSATEJgI8Uq+m6kvw9kwsxgV0f+ eqXRZO2FSWp7jAdOuAILhIlFGmk=
X-Google-Smtp-Source: ACJfBosK5Ki/pMgAoVrO9JQxULUF4x5u177yh86BsCPw4NxnwnrS9b5X4YAySWcGwuDZ5t0jjofSeg==
X-Received: by 10.36.17.15 with SMTP id 15mr2077459itf.53.1513666183884; Mon, 18 Dec 2017 22:49:43 -0800 (PST)
Received: from aspen.local (69-161-4-41-radius.dynamic.acsalaska.net. [69.161.4.41]) by smtp.gmail.com with ESMTPSA id d3sm658175itf.39.2017.12.18.22.49.41 for <patient@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 18 Dec 2017 22:49:42 -0800 (PST)
To: patient@ietf.org
References: <MWHPR16MB14881688FE400E3277CA8A9393310@MWHPR16MB1488.namprd16.prod.outlook.com> <MWHPR16MB14889BEE3EB0ED5F328D7C3993370@MWHPR16MB1488.namprd16.prod.outlook.com> <MWHPR16MB14889B7535153E5844649CA393370@MWHPR16MB1488.namprd16.prod.outlook.com> <MWHPR16MB14880A12D15AC58FDD5CEC8793370@MWHPR16MB1488.namprd16.prod.outlook.com> <MWHPR16MB1488D43F3B53BC7BBE9D836593370@MWHPR16MB1488.namprd16.prod.outlook.com> <MWHPR16MB1488853B0E4F7BB8E557288D93370@MWHPR16MB1488.namprd16.prod.outlook.com> <MWHPR16MB148845FB069D03625BC399B193370@MWHPR16MB1488.namprd16.prod.outlook.com> <MWHPR16MB1488848D7AC828EBB8DA90B093350@MWHPR16MB1488.namprd16.prod.outlook.com> <DM5PR16MB148477E1FAA4C210A3B013F7930A0@DM5PR16MB1484.namprd16.prod.outlook.com> <dfdb52ca-81ae-50b7-cd5f-e256b5cb047d@cs.tcd.ie> <AF4C62E0-61AB-45DB-B3E6-56AB67A1070A@telefonica.com> <d47e82af-5c6f-9be5-4226-4d6713701148@cs.tcd.ie> <98E78B0A-0351-4702-98F5-62DAF2C125CD@telefonica.com> <217613C9-9D51-4CC9-8C8C-D632E1CECFF6@gmail.com>
From: Melinda Shore <melinda.shore@nomountain.net>
Message-ID: <1a9adaa6-f1f9-1c0e-490a-6b84290af939@nomountain.net>
Date: Mon, 18 Dec 2017 21:49:37 -0900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
MIME-Version: 1.0
In-Reply-To: <217613C9-9D51-4CC9-8C8C-D632E1CECFF6@gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="9kJjF9bGxiW7Rj0KO6Beo2Vpxv6FdqnXv"
Archived-At: <https://mailarchive.ietf.org/arch/msg/patient/oWZHAMuXFjO1H_qQ4fk4wwioO2g>
Subject: Re: [Patient] [saag] Internet Draft posted as requested -
X-BeenThere: patient@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Protecting against Attacks Tunneling In Encrypted Network Tunnels <patient.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/patient>, <mailto:patient-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/patient/>
List-Post: <mailto:patient@ietf.org>
List-Help: <mailto:patient-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/patient>, <mailto:patient-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Dec 2017 06:49:46 -0000

On 12/18/17 8:41 PM, Bret Jordan wrote:
> While some members of this community may philosophically not like
> network based protections or want all of the protections to reside on
> the client,  [ ... ]

I think it is fair to say that this is a mischaracterization of
the argument.  The issue here is with weakening application or
transport security in order to allow middleboxes to work their
magic.  That is to say, that's the tradeoff that's under discussion.

Melinda


-- 
Software longa, hardware brevis

PGP fingerprint: 795A 714B CD08 F996 AEFE
                 AB36 FE18 57E9 6B9D A293