Re: [saag] should we revise rfc 3365?
Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 29 May 2012 15:30 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 97AB121F85CF for <saag@ietfa.amsl.com>; Tue, 29 May 2012 08:30:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.707
X-Spam-Level:
X-Spam-Status: No, score=-101.707 tagged_above=-999 required=5 tests=[AWL=0.892, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MVW9y0QEKQQA for <saag@ietfa.amsl.com>; Tue, 29 May 2012 08:30:52 -0700 (PDT)
Received: from scss.tcd.ie (hermes.scss.tcd.ie [IPv6:2001:770:10:200:889f:cdff:fe8d:ccd2]) by ietfa.amsl.com (Postfix) with ESMTP id 7C0EE21F85CE for <saag@ietf.org>; Tue, 29 May 2012 08:30:51 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by hermes.scss.tcd.ie (Postfix) with ESMTP id 8B22915396B; Tue, 29 May 2012 16:30:50 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; h= content-transfer-encoding:content-type:in-reply-to:references :subject:mime-version:user-agent:from:date:message-id:received :received:x-virus-scanned; s=cs; t=1338305448; bh=Kkna9fvGPlCCog blYQ0Qx3H0u7YiNFkuBQBTXNGQy8E=; b=S5ezPHofThwIVzmyGaGYM+IjU2SvM5 bCy0nJOTk4uTJTtLiJaTdqPOLlj+i0IUmMCLBbXq18Cy61Bf2+qMdE52C/8cVKDK XHiwgEkSSOkPdS7dK1aH6lOBl8pzEuXIOiqKkYvHsypkBqRoT1ExVCJnl1kP/zwm 7fu7d56I32dgS5bAXp4yoSH4f0lWJJR7f9T3T7t/Ly5qyYTVjH6VY4P9GCpTEaaY UvjQ6pYOybiza4EUCw5xrs6tbdrj70JPCRfrKiItdZTtK9XF3ej8qye5fOwERYVC eRs/ZcuIrCbpOz78GrqSYYENp2SFvgiQjoEkmkYcNVVZUnDKk3LyVXNw==
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from scss.tcd.ie ([127.0.0.1]) by localhost (scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10027) with ESMTP id vSh0dl8wId1h; Tue, 29 May 2012 16:30:48 +0100 (IST)
Received: from [IPv6:2001:770:10:203:746a:67db:b7ac:1c60] (unknown [IPv6:2001:770:10:203:746a:67db:b7ac:1c60]) by smtp.scss.tcd.ie (Postfix) with ESMTPSA id 6B0B6153947; Tue, 29 May 2012 16:30:47 +0100 (IST)
Message-ID: <4FC4EBA7.9070106@cs.tcd.ie>
Date: Tue, 29 May 2012 16:30:47 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20120430 Thunderbird/12.0.1
MIME-Version: 1.0
To: Mouse <mouse@Rodents-Montreal.ORG>
References: <4FBD6A78.2070204@cs.tcd.ie> <201205232351.TAA23415@Sparkle.Rodents-Montreal.ORG>
In-Reply-To: <201205232351.TAA23415@Sparkle.Rodents-Montreal.ORG>
X-Enigmail-Version: 1.4.1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: saag@ietf.org
Subject: Re: [saag] should we revise rfc 3365?
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 May 2012 15:30:53 -0000
Hiya, On 05/24/2012 12:51 AM, Mouse wrote: >> Short version: go read [RFC 3365] and say if you think it needs an >> update. > > Yes, but I believe it's not one you're willing to accept. > >> "MUST implement strong security in all protocols" > > I believe this is too dogmatic a position, and will simply lead to IETF > process being ignored in those cases where strong security is > unnecessary or undeisrable. Consider, for example, the number of > useful protocols we have today that could not be standardized under > this policy: whois, SMTP, and DHCP come to mind. Based on a quick skim > of the specs, NFS is another one (even v4 doesn't seem to have MTI > security, only an MTI framework within which security can optionally be > done - but that's just a quick skim; I could easily have missed > something). > > I know that, as an occasional protocol designer, if I believe a > protocol has no need for security, I would sooner ignore the IETF than > I would bother with shoehorning enough security to satisfy the IETF > into it. > > Aside from this excessively (I believe) dogmatic position, I see > nothing wrong with 3365. So how would you phrase it so that we do get security mechanisms defined in most all cases but not when they're really really not needed (or fictional)? Cheers, S. > > /~\ The ASCII Mouse > \ / Ribbon Campaign > X Against HTML mouse@rodents-montreal.org > / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag > >
- [saag] should we revise rfc 3365? Stephen Farrell
- Re: [saag] should we revise rfc 3365? Mouse
- Re: [saag] should we revise rfc 3365? Steven Bellovin
- Re: [saag] should we revise rfc 3365? Joe Touch
- Re: [saag] should we revise rfc 3365? Mouse
- Re: [saag] should we revise rfc 3365? Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [saag] should we revise rfc 3365? Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [saag] should we revise rfc 3365? Mouse
- Re: [saag] should we revise rfc 3365? Nico Williams
- Re: [saag] should we revise rfc 3365? Stephen Farrell
- Re: [saag] should we revise rfc 3365? Stephen Farrell
- Re: [saag] should we revise rfc 3365? Stephen Farrell
- Re: [saag] should we revise rfc 3365? Mouse
- Re: [saag] should we revise rfc 3365? Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [saag] should we revise rfc 3365? Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [saag] should we revise rfc 3365? Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [saag] should we revise rfc 3365? Mouse
- Re: [saag] should we revise rfc 3365? Mouse
- Re: [saag] should we revise rfc 3365? Joe Touch
- Re: [saag] should we revise rfc 3365? Nico Williams