Re: [Pppext] Future of the PPP WG

Glen Zorn <glenzorn@gmail.com> Sat, 10 September 2011 05:29 UTC

Return-Path: <glenzorn@gmail.com>
X-Original-To: pppext@ietfa.amsl.com
Delivered-To: pppext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4725521F85DA for <pppext@ietfa.amsl.com>; Fri, 9 Sep 2011 22:29:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eUG1JKQx8gYM for <pppext@ietfa.amsl.com>; Fri, 9 Sep 2011 22:29:00 -0700 (PDT)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com [209.85.213.44]) by ietfa.amsl.com (Postfix) with ESMTP id B2C4021F85D1 for <pppext@ietf.org>; Fri, 9 Sep 2011 22:29:00 -0700 (PDT)
Received: by ywa6 with SMTP id 6so577435ywa.31 for <pppext@ietf.org>; Fri, 09 Sep 2011 22:30:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=mE1grlF3sKdIcf0/RU5p1zwu876oWwVeau3wf8jof7Q=; b=f0aKG60LsRERz6mCnF4Cm8AZspOxmd4ojJ4fcDYax5T3j8lLHAcVMQ4dbebT2xGYWM Ir1zbDtRY5sJuNlvocpqxOkH3LxpMYFUSwbKjOa5DLbOBP219HU3L+78bhMzE9DNTsbI CIqTByW4FM/oiOUX1cki3NMgjOBIo04NmKySg=
Received: by 10.150.59.2 with SMTP id h2mr2824782yba.363.1315632657275; Fri, 09 Sep 2011 22:30:57 -0700 (PDT)
Received: from [192.168.1.99] (ppp-58-11-144-164.revip2.asianet.co.th [58.11.144.164]) by mx.google.com with ESMTPS id b4sm4010634ank.3.2011.09.09.22.30.53 (version=SSLv3 cipher=OTHER); Fri, 09 Sep 2011 22:30:56 -0700 (PDT)
Message-ID: <4E6AF60A.60907@gmail.com>
Date: Sat, 10 Sep 2011 12:30:50 +0700
From: Glen Zorn <glenzorn@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0.2) Gecko/20110902 Thunderbird/6.0.2
MIME-Version: 1.0
To: Donald Eastlake <d3e3e3@gmail.com>
References: <CAF4+nEF-G1zpRABffyT+fpx=Oc0__u1Yth6oK-1UWLTqEgCRVg@mail.gmail.com> <4E69F98B.2050504@gmail.com> <CAF4+nEGAcFuqwUpyUz3Vd6AuZZui-q2wADdO8mNmrAXndUyCBw@mail.gmail.com>
In-Reply-To: <CAF4+nEGAcFuqwUpyUz3Vd6AuZZui-q2wADdO8mNmrAXndUyCBw@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: IETF PPP Extensions <pppext@ietf.org>
Subject: Re: [Pppext] Future of the PPP WG
X-BeenThere: pppext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PPP Extensions <pppext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pppext>, <mailto:pppext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pppext>
List-Post: <mailto:pppext@ietf.org>
List-Help: <mailto:pppext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pppext>, <mailto:pppext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Sep 2011 05:29:01 -0000

On 9/10/2011 1:18 AM, Donald Eastlake wrote:

...

>>> In the process of producing RFC 6361, it became very apparent that the
>>> PPP security RFCs, such as they are, meet few, if any, modern IETF
>>> security guidelines.
>>
>> Would these be realistic guidelines (such as RFC 3552 (but do you
>> consider that 'modern')) or pie-in-the-sky "in my dream world this is
>> how it would work" guidelines (like RFC 4962)?
> 
> I should think the PPPEXT WG would decided which guidelines, subject
> to the constrains of getting documents through the IETF process :-)
> 
>>> I believe that there should be an update of PPP
>>> security or, if an effort to update them fails for some reason, then
>>> at least old / inadequate / unimplemented PPP security RFCs should be
>>> declared historic.
>>
>> Do you have a list of said RFCs?
> 
> I don't think it is complete but how about the following to start with:
> 
> "The PPP Encryption Control Protocol (ECP)",
>                RFC 1968, June 1996.
> "PPP Challenge Handshake Authentication
>                Protocol (CHAP)", RFC 1994, August 1996.
> "The PPP Triple-DES Encryption Protocol (3DESE)", RFC 2420, September 1998.
> 

OK, I guess the crux of my previous question (which I apparently did not
express well) is whether or not the proposed updates are solely or at
least primarily editorial in nature (e.g., bringing the Security
Considerations section into line with the recommendations of RFC 3552).
 Of the documents you mention, I suspect that RFC 1968 & RFC 2420 could
probably be changed any way we want to, since AFAIK there are no actual
deployments of either (I request correction!) but we can't go changing
the way that CHAP works.

...