[saag] keys under doormats: is our doormat ok?

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sun, 12 July 2015 12:58 UTC



I'm sure a bunch of you have seen [1] and various reports of
potential government silliness that presumably prompted that.
So I just re-read RFC1984 [2] and I think it still does a good
enough job of setting out the IETF's position on the topic.

Since that RFC is almost 20 years old, I thought I'd check on
here if folks think anything more needs to be done in the IETF.
If there were, then it'd be timely to talk about that in Prague.

However, I think we're ok already thanks to RFC1984 but please
do say if you think something more needs to be done in the IETF.
(More no doubt needs to be done outside the IETF context, but
I'm not asking about that.)


[2] https://tools.ietf.org/html/rfc1984