Re: [proxies] [IETF Proxy] Next Steps

<Bernard_Aboba@hotmail.com> Sat, 03 May 2008 06:11 UTC

Return-Path: <proxies-bounces@ietf.org>
X-Original-To: proxies-archive@ietf.org
Delivered-To: ietfarch-proxies-archive@core3.amsl.com
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6E9C93A69D6; Fri, 2 May 2008 23:11:22 -0700 (PDT)
X-Original-To: proxies@core3.amsl.com
Delivered-To: proxies@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8AC0F3A69D6 for <proxies@core3.amsl.com>; Fri, 2 May 2008 23:11:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.058
X-Spam-Level:
X-Spam-Status: No, score=-1.058 tagged_above=-999 required=5 tests=[AWL=-0.126, BAYES_00=-2.599, SARE_HEAD_XUNSENT=1.666, STOX_REPLY_TYPE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XIoo-8zRmiBq for <proxies@core3.amsl.com>; Fri, 2 May 2008 23:11:20 -0700 (PDT)
Received: from blu0-omc4-s18.blu0.hotmail.com (blu0-omc4-s18.blu0.hotmail.com [65.55.111.157]) by core3.amsl.com (Postfix) with ESMTP id C11B03A6A36 for <proxies@ietf.org>; Fri, 2 May 2008 23:11:20 -0700 (PDT)
Received: from BLU137-DS2 ([65.55.111.137]) by blu0-omc4-s18.blu0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959); Fri, 2 May 2008 23:11:22 -0700
X-Originating-IP: [24.18.147.115]
X-Originating-Email: [bernard_aboba@hotmail.com]
Message-ID: <BLU137-DS23BFCC236C5FAFB7D66DC93D50@phx.gbl>
From: <Bernard_Aboba@hotmail.com>
In-Reply-To: <7.0.1.0.2.20080416172531.02401228@nist.gov> <200804171550.48931.stefan.winter@restena.lu><273c5c8bff26c3c057519da2b038e1ba.squirrel@www.trepanning.net> <481BFB77.4050203@nitros9.org>
To: "Alan DeKok" <aland@nitros9.org>, "Dan Harkins" <dharkins@lounge.org>
References: <7.0.1.0.2.20080416172531.02401228@nist.gov> <200804171550.48931.stefan.winter@restena.lu><273c5c8bff26c3c057519da2b038e1ba.squirrel@www.trepanning.net> <481BFB77.4050203@nitros9.org>
X-Unsent: 1
Date: Fri, 2 May 2008 23:11:39 -0700
MIME-Version: 1.0
X-Priority: 3
X-MSMail-Priority: Normal
Importance: Normal
X-Mailer: Microsoft Windows Live Mail 12.0.1606
X-MimeOLE: Produced By Microsoft MimeOLE V12.0.1606
X-OriginalArrivalTime: 03 May 2008 06:11:22.0397 (UTC) FILETIME=[829DF4D0:01C8ACE4]
Cc: proxies@ietf.org
Subject: Re: [proxies] [IETF Proxy] Next Steps
X-BeenThere: proxies@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion list for ad hoc group interested in security and proxies <proxies.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/proxies>, <mailto:proxies-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:proxies@ietf.org>
List-Help: <mailto:proxies-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/proxies>, <mailto:proxies-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: proxies-bounces@ietf.org
Errors-To: proxies-bounces@ietf.org

>>   These are not things that I think we _have_ to deal with especially in
>> a technical forum. These are issues that a customer will require a vendor
>> of AAA product to support, in much the same way that "lawful intercept"
>> is a political add-on to a technical solution--
>
>  I'd like to see a document making this distinction clear for everyone.

Yes.  Personally, I find it unnerving when vendors cite requests from 
government
agencies as the basis for engineering decisions that cannot be justified on 
technical
grounds.  Implementers are perfectly capable of shipping software with 
security
vulnerabilities that enable miscreants to take control without being 
assisted in that
task by design flaws inserted by the IETF. 

_______________________________________________
Proxies mailing list
Proxies@ietf.org
https://www.ietf.org/mailman/listinfo/proxies