IETF Logo Mail Archive

Re: [saag] Additions to RFC 3631?

"Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com> Tue, 29 May 2012 16:58 UTC

Return-Path: <hannes.tschofenig@nsn.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB9F421F8655 for <saag@ietfa.amsl.com>; Tue, 29 May 2012 09:58:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.566
X-Spam-Level:
X-Spam-Status: No, score=-106.566 tagged_above=-999 required=5 tests=[AWL=0.033, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wGJNcWA0hQQ4 for <saag@ietfa.amsl.com>; Tue, 29 May 2012 09:58:01 -0700 (PDT)
Received: from demumfd001.nsn-inter.net (demumfd001.nsn-inter.net [93.183.12.32]) by ietfa.amsl.com (Postfix) with ESMTP id B515321F864C for <saag@ietf.org>; Tue, 29 May 2012 09:58:00 -0700 (PDT)
Received: from demuprx016.emea.nsn-intra.net ([10.150.129.55]) by demumfd001.nsn-inter.net (8.12.11.20060308/8.12.11) with ESMTP id q4TGvxmq017057 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 29 May 2012 18:57:59 +0200
Received: from DEMUEXC048.nsn-intra.net ([10.159.32.94]) by demuprx016.emea.nsn-intra.net (8.12.11.20060308/8.12.11) with ESMTP id q4TGvuoE023790; Tue, 29 May 2012 18:57:59 +0200
Received: from FIESEXC035.nsn-intra.net ([10.159.0.25]) by DEMUEXC048.nsn-intra.net with Microsoft SMTPSVC(6.0.3790.4675); Tue, 29 May 2012 18:57:59 +0200
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 29 May 2012 19:59:56 +0300
Message-ID: <999913AB42CC9341B05A99BBF358718D017FDDE9@FIESEXC035.nsn-intra.net>
In-Reply-To: <1FD05DC1-A041-40B3-96B0-8C5EE944A108@shinkuro.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [saag] Additions to RFC 3631?
Thread-Index: Ac09uorQA842oDRqRQu2gYB9BeKxYQAAT12g
References: <300A2E9F-E99B-46FA-A101-E3611BD0D197@cs.columbia.edu><877gw69h81.fsf@latte.josefsson.org> <4FB9ECA4.3010904@gmail.com><D54BB652-9B1D-4A19-8F8F-AF288E4ADE24@cs.columbia.edu> <1FD05DC1-A041-40B3-96B0-8C5EE944A108@shinkuro.com>
From: "Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com>
To: ext Steve Crocker <steve@shinkuro.com>, IETF Security Area Advisory Group <saag@ietf.org>
X-OriginalArrivalTime: 29 May 2012 16:57:59.0087 (UTC) FILETIME=[33814BF0:01CD3DBC]
X-purgate-type: clean
X-purgate-Ad: Categorized by eleven eXpurgate (R) http://www.eleven.de
X-purgate: clean
X-purgate: This mail is considered clean (visit http://www.eleven.de for further information)
X-purgate-size: 4393
X-purgate-ID: 151667::1338310679-00001F01-1D2D4B5D/0-0/0-0
Subject: Re: [saag] Additions to RFC 3631?
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 May 2012 16:58:02 -0000

The transition from one security solution to another one was already
mentioned at the Paris IAB technical plenary as a tough issue. (Looking
at IPv6 it seems that transition is in general a problem -- not only for
security.)

What surprised me with the presentations of the panel members was that
there are even new security problems introduced with the roll-out of new
solution solutions that interfere badly with existing deployments. Chris
Weber provided the example of CORS. 

Here is the pointer to the slides and the meeting minutes (in case
someone wasn't listening to the plenary):
http://www.ietf.org/proceedings/83/technical-plenary.html

In a nutshell, I agree with what you state below, Steve. I would just
extend it beyond cryptographic algorithms.

> -----Original Message-----
> From: saag-bounces@ietf.org [mailto:saag-bounces@ietf.org] On Behalf
Of
> ext Steve Crocker
> Sent: Monday, May 21, 2012 5:12 PM
> To: IETF Security Area Advisory Group
> Cc: Steve Crocker
> Subject: Re: [saag] Additions to RFC 3631?
> 
> I've been lurking and only following loosely, so I apologize in
advance
> if the following is off the mark.
> 
> I was pleased to see mention of RFC 4086 on proper implementation of
> random number generation -- I am proud to be one of the co-authors --
> but I thought the issue at hand is transition of crypto algorithms
when
> current algorithms become obsolete.  This is a problem that occurs in
> all protocols that use crypto algorithms, and in my opinion we have
> underplayed this in our designs.  Every protocol that uses crypto
should
> be designed with transition mechanisms built in -- and tested! -- on
the
> assumption the protocol will outlive the current set of crypto
> algorithms.
> 
> Whether we adopt a generic way of doing this across protocols or a
> specific way for each protocol is a matter of discussion.  If we can't
> come up with a way to do it in a uniform way, then it's ok with me to
> have a separate way for each protocol.  In any case, I think it's
> important -- no, that's not strong enough -- essential to have a way
of
> transitioning from current algorithms to future algorithms without
> disrupting service.  These transitions will usually take a fairly long
> time, five to ten years I think, so the process can be somewhat
relaxed.
> Relaxed does not mean undefined or vacuous.
> 
> Steve
> 
> On May 21, 2012, at 10:01 AM, Steven Bellovin wrote:
> 
> > As noted by others, RFC 4086 covers that.  It may also need
improving;
> I haven't reread it recently.  However, even a pointer to it is out of
> place in 3631bis.  3631 is about protocol mechanisms; 4086 is about
> implementations.  Mouse Mouse's suggestions are more in the domain of
> 3365, which is security design philosophy.  3631 says "if you want to
> put security into a protocol, here are the best choices we have
today".
> My question is whether or not that list should be changed.
> >
> > On May 21, 2012, at 3:20 04AM, Yaron Sheffer wrote:
> >
> >> And a short section on crypto-grade random number generation. I
would
> be glad to contribute it.
> >>
> >> 	Yaron
> >>
> >> On 05/21/2012 09:32 AM, Simon Josefsson wrote:
> >>> Steven Bellovin<smb@cs.columbia.edu>  writes:
> >>>
> >>>> Does anyone have any suggestions for additions or corrections to
> RFC 3631?
> >>>> It looks to me like it's held up pretty well, save for newer
> versions of
> >>>> some of the protocols.
> >>>
> >>> I think channel bindings ought to be discussed, as a simple way to
> bind
> >>> different layers together to avoid certain attacks.  It could be
> >>> discussed in the SASL or GSS-API section.  Further, I think EAP as
a
> >>> protocol should be included in the list of standard security
> mechanisms.
> >>>
> >>> /Simon
> >>> _______________________________________________
> >>> saag mailing list
> >>> saag@ietf.org
> >>> https://www.ietf.org/mailman/listinfo/saag
> >>
> >
> >
> > 		--Steve Bellovin, https://www.cs.columbia.edu/~smb
> >
> >
> >
> >
> >
> > _______________________________________________
> > saag mailing list
> > saag@ietf.org
> > https://www.ietf.org/mailman/listinfo/saag
> 
> _______________________________________________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag

v2.23.0 | Report a Bug | By Email