Re: [Pppext] Future of the PPP WG
Jacni Qin <jacniq@gmail.com> Tue, 13 September 2011 03:52 UTC
Return-Path: <jacniq@gmail.com>
X-Original-To: pppext@ietfa.amsl.com
Delivered-To: pppext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix)
with ESMTP id 22CAA21F8B6C for <pppext@ietfa.amsl.com>;
Mon, 12 Sep 2011 20:52:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.438
X-Spam-Level:
X-Spam-Status: No, score=-3.438 tagged_above=-999 required=5 tests=[AWL=0.160,
BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ozNuaLZytgtl for
<pppext@ietfa.amsl.com>; Mon, 12 Sep 2011 20:52:04 -0700 (PDT)
Received: from mail-vw0-f54.google.com (mail-vw0-f54.google.com
[209.85.212.54]) by ietfa.amsl.com (Postfix) with ESMTP id 0A3C121F8B87 for
<pppext@ietf.org>; Mon, 12 Sep 2011 20:52:03 -0700 (PDT)
Received: by mail-vw0-f54.google.com with SMTP id 18so267648vws.27 for
<pppext@ietf.org>; Mon, 12 Sep 2011 20:54:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
h=mime-version:in-reply-to:references:date:message-id:subject:from:to
:cc:content-type; bh=EDe7QAIvsdbdbxa5IlfTnOAEpplLJlgL2NYqsHf3qxA=;
b=mE4li822TPMc0cmMrdaGIQtNjHd95puNnIOj7VS3nxtwe/Z5vv9oCDLJNZEysm/FPW
1doGzeXZd4VAlLCZsvSmM3/gl8bmHIc00FOvoKdzsRAX6voeRMmqjQvJl2whZDQp25Sh
XyXkywuEBCeg2mlohpqDm1C9BHX20YhlvivrI=
MIME-Version: 1.0
Received: by 10.52.69.177 with SMTP id f17mr628249vdu.150.1315886049230;
Mon, 12 Sep 2011 20:54:09 -0700 (PDT)
Received: by 10.52.187.161 with HTTP; Mon, 12 Sep 2011 20:54:09 -0700 (PDT)
In-Reply-To: <201109100337.p8A3bINo074937@calcite.rhyolite.com>
References: <201109100127.p8A1QxVI003799@cichlid.raleigh.ibm.com>
<201109100337.p8A3bINo074937@calcite.rhyolite.com>
Date: Tue, 13 Sep 2011 11:54:09 +0800
Message-ID: <CAHmj1WcuJJYJVmiggAG51jxSAUZ7vpAdM9cHo21jqMcSjCApGw@mail.gmail.com>
From: Jacni Qin <jacniq@gmail.com>
To: Vernon Schryver <vjs@rhyolite.com>
Content-Type: multipart/alternative; boundary=20cf307d00d0877f3b04acca987c
Cc: pppext@ietf.org
Subject: Re: [Pppext] Future of the PPP WG
X-BeenThere: pppext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PPP Extensions <pppext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pppext>,
<mailto:pppext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pppext>
List-Post: <mailto:pppext@ietf.org>
List-Help: <mailto:pppext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pppext>,
<mailto:pppext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Sep 2011 03:52:05 -0000
On Sat, Sep 10, 2011 at 11:37 AM, Vernon Schryver <vjs@rhyolite.com> wrote: > > From: Thomas Narten <narten@us.ibm.com> > > > (By that, are there still folk doing PPP implementations > > that would read such documents?) > > > > This WG's current charter seems to be very realistic and pragmatic > > given the state of both PPP and the WG. We should not be updating the > > charter to add items that will in practice never get done, no matter > > how much we might like to see such work getting done (in an ideal > > world). > > A more accurate way to say that is that this WG should not be turned > into a vanity press for old folks trying to prove we're not irrelevant. > > If there is real and substantial work to be done, then it should be > proposed before changing the charter in sufficient detail to convince > honest and well informed third parties that and how the charter should > be changed. > > Observations that the security of PPP protocols might be improved > would be valid but entirely insufficient. Significant needs and > potential fixes must be proposed before starting yet another > multi-year PPP project that would not finish before IPv4 address > exhaustion finally makes IPv6 real. > > Actually, we are trying to get things done in real world to smooth the path to IPv6, which seems to be welcome by some ISPs, since, there is a gap in the case of PPP for IPv6. I know it may have been discussed, and a suggestion was given, but some ISPs whose access networks are 90% based on PPP, and who are planning to deploy IPv6 for their comercial services, are not convinced. There're still works need to be done. Cheers, Jacni > ... > > Personally I think PPP insecurity was never a very pressing problem, > because link layer security never mattered as much as security at > higher layers. > > Besides, other link layer protocols such as 802.11 that are more > popular (measured by nodes using them) and less secure (as commonly > deployed) make the insecurity of PPP links moot. What bad guy would > bother attacking a PPP/DSL link when a radio can get bits on and > off the same PPP link easier and with fewer traces? > > Link layer encryption, authentication, and authorization don't > matter a lot if you have end-to-end confidentiality, authentication, > authorization, non-repudiation, etc. On the other hand, if you > haven't secured things end-to-end, then link layer security is > snake oil. > > If you've the least connection to today's operational security > community, you know that the worst that could happen with a link layer > attack is trivial compared what happens now in higher layers. Even > if this WG could fix PPP security this decade, wouldn't the effort > of the rest of the IETF in reviewing, advancing, and shuffling our > documents be better spent in the higher layers? Recall BPG security, > what DigiNotar and Comodo prove about PKI (that we all knew many years > ago), old style insecure DNS, DNSSEC vulnerabilities analogous to the > PKI problems, the RIR issues, and so forth and so on and on. > > > It would be nice to fix nasty messes such as PPPoE, but that ship > has also sailed. > > > Vernon Schryver vjs@rhyolite.com > _______________________________________________ > Pppext mailing list > Pppext@ietf.org > https://www.ietf.org/mailman/listinfo/pppext >
- [Pppext] Future of the PPP WG Donald Eastlake
- Re: [Pppext] Future of the PPP WG Glen Zorn
- Re: [Pppext] Future of the PPP WG Mark Townsley
- Re: [Pppext] Future of the PPP WG Donald Eastlake
- Re: [Pppext] Future of the PPP WG Donald Eastlake
- Re: [Pppext] Future of the PPP WG Mark Townsley
- Re: [Pppext] Future of the PPP WG William Allen Simpson
- Re: [Pppext] Future of the PPP WG Thomas Narten
- Re: [Pppext] Future of the PPP WG Vernon Schryver
- Re: [Pppext] Future of the PPP WG Glen Zorn
- Re: [Pppext] Future of the PPP WG Bernard Aboba
- Re: [Pppext] Future of the PPP WG Mark Townsley
- Re: [Pppext] Future of the PPP WG Glen Zorn
- Re: [Pppext] Future of the PPP WG Vernon Schryver
- Re: [Pppext] Future of the PPP WG Glen Zorn
- Re: [Pppext] Future of the PPP WG Mark Townsley
- Re: [Pppext] Future of the PPP WG Donald Eastlake
- Re: [Pppext] Future of the PPP WG Ignacio Goyret
- Re: [Pppext] Future of the PPP WG William Allen Simpson
- Re: [Pppext] Future of the PPP WG Jacni Qin
- Re: [Pppext] Future of the PPP WG Jacni Qin
- Re: [Pppext] Future of the PPP WG Jacni Qin
- Re: [Pppext] Future of the PPP WG Jacni Qin
- Re: [Pppext] Future of the PPP WG Donald Eastlake
- Re: [Pppext] Future of the PPP WG Glen Zorn
- Re: [Pppext] Future of the PPP WG Mark Townsley
- Re: [Pppext] Future of the PPP WG James Carlson
- Re: [Pppext] Future of the PPP WG Vernon Schryver
- Re: [Pppext] Future of the PPP WG William Allen Simpson
- Re: [Pppext] Future of the PPP WG Glen Zorn
- Re: [Pppext] Future of the PPP WG William Allen Simpson
- Re: [Pppext] Future of the PPP WG Donald Eastlake
- Re: [Pppext] Future of the PPP WG Donald Eastlake