IETF Logo Mail Archive

Re: [regext] Privacy and HR considerations for draft-ietf-regext-verificationcode

"John R Levine" <johnl@taugh.com> Wed, 02 January 2019 22:08 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3143D1274D0 for <regext@ietfa.amsl.com>; Wed, 2 Jan 2019 14:08:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com header.b=ziRabPME; dkim=pass (1536-bit key) header.d=taugh.com header.b=AegFCrvh
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bcQzRkut4Dhi for <regext@ietfa.amsl.com>; Wed, 2 Jan 2019 14:08:44 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8FF9A126C01 for <regext@ietf.org>; Wed, 2 Jan 2019 14:08:44 -0800 (PST)
Received: (qmail 88329 invoked from network); 2 Jan 2019 22:08:43 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=15907.5c2d366b.k1901; bh=1V8ti+CtT6b1CsB2prSOTCfSQ9RjfB+S6/erqVg9Icw=; b=ziRabPMEUqsNSPgTYCfDE26feWdfaPcCuIEkVMXwMGctnfffc2RyBX2BRICuSdjsjTP2j4zNZh5t+DpGSYRMZuqeKMbT+c7aGkZUXQHsYBEvZ27fmZdzudMfFugvpmr2R9nxJ/lQAFUrEDTFdkW4XEGjcbtGpqahXjexlR+3nd0qEoAx6OSnPl7W60RYpulfGjo/Vk2Z1JtSFrR97QeUCNbY4yEviBPoDWrtDFL9R9/bt1ODymv/5Q+RCRFlWRWi
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=15907.5c2d366b.k1901; bh=1V8ti+CtT6b1CsB2prSOTCfSQ9RjfB+S6/erqVg9Icw=; b=AegFCrvhb+YxAOaQjv29SElTvUKfefdf4q1ld4t8QrqXCbtaJTCrmt+OVRUIu+LCoz7LRrW1rFK4xhlwyLCvQ0v078gCbUaXL8on2pm5MNQviuqb2JduD0rQ2mywdD/vgb+nx+hhhq1HO/G1kN6zRkroo+s6sMFL3rJoB0/Dx0tDZZeXLQPa/3OCquwVlfD9EP6mNwFkb0JEKoXhkNvOY3O1y39Y0rp6QmgeG5djn1rc77IiCaDlRxiSDQjPVtT/
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2/X.509/AEAD) via TCP6; 02 Jan 2019 22:08:43 -0000
Date: Wed, 02 Jan 2019 17:08:42 -0500
Message-ID: <alpine.OSX.2.21.1901021707280.85512@ary.qy>
From: John R Levine <johnl@taugh.com>
To: "Gould, James" <jgould@verisign.com>
Cc: "adam@nostrum.com" <adam@nostrum.com>, "regext@ietf.org" <regext@ietf.org>
In-Reply-To: <0AAC649A-2171-441C-A653-EA10878F079C@verisign.com>
References: <41f72627-faf2-1fd4-b356-065b3cb98e2b@cis-india.org> <20181228194511.1ACBC200C07CD3@ary.qy> <01E9282A-0F48-4A39-837A-52CBB362571F@verisign.com> <alpine.OSX.2.21.1901021246440.84554@ary.qy> <b5e53ff4-b975-9380-d689-b3bb922cf253@nostrum.com> <alpine.OSX.2.21.1901021548390.85512@ary.qy> <0AAC649A-2171-441C-A653-EA10878F079C@verisign.com>
User-Agent: Alpine 2.21 (OSX 202 2017-01-01)
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="0-872712360-1546466923=:85512"
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/8C53b6coUIvZiLi6rEWLFq7oY58>
Subject: Re: [regext] Privacy and HR considerations for draft-ietf-regext-verificationcode
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Jan 2019 22:08:47 -0000

On Wed, 2 Jan 2019, Gould, James wrote:
> To remove any concerns related to the inclusion of VSP policy in draft-ietf-regext-verificationcode, the sentence " The VSP MUST store the proof of verification and the generated verification code; and MAY store the verified data." can be removed.  If there are no objections to the removal of this sentence, it will be removed in the next version of the draft.

That's OK with me.  I'm not totally opposed to it but without some hint 
about what an interoperating system would do with the object the token 
points to, I think it's confusing.  As you can see, it confused me.

>
> —
>
> JG
>
>
>
> James Gould
> Distinguished Engineer
> jgould@Verisign.com
>
> 703-948-3271
> 12061 Bluemont Way
> Reston, VA 20190
>
> Verisign.com <http://verisigninc.com/>
>
> On 1/2/19, 3:56 PM, "regext on behalf of John R Levine" <regext-bounces@ietf.org on behalf of johnl@taugh.com> wrote:
>
>    On Wed, 2 Jan 2019, Adam Roach wrote:
>    >>  I don't understand why.  The code is a signed token.  Imagine the registry
>    >>  goes back to the signer asks about token 123-foo666 and the answer is
>    >>  "We're the Ministry, we signed it, of course it's valid.  The details are
>    >>  secret."
>    >>
>    >>  While that would not be my favorite way to work, and I can easily imagine
>    >>  other scenarios with auditing and transparency business requirements, why
>    >>  wouldn't that interoperate?
>    >
>    > If we're concerned merely with interoperation, the same is true of most --
>    > if not all -- normative keywords used in "Security Considerations" sections.
>    > Your position might (or might not) be correct, but the logic of "2119
>    > language is only used for interoperabilty reasons" simply isn't true.
>
>    I think there's a difference -- in security sections the goal is usually
>    to prevent leakage or spoofing or something else that would allow a
>    malicious party to interoperate with a victim.  One part of good interop
>    is not to interoperate with attackers.  But that's not what's going on
>    here.  The signature shows that the token is valid, and unless I'm missing
>    something, whatever you might learn from the thing the token represents is
>    outside the scope of EPP.
>
>    Regards,
>    John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
>    Please consider the environment before reading this e-mail. https://jl.ly
>
>

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly

v2.23.0 | Report a Bug | By Email