Re: [saag] Fw:Fw:New Version Notification for draft-cui-dhc-dhcpv6-encryption-02.txt
Randy Bush <randy@psg.com> Wed, 29 July 2015 11:40 UTC
Return-Path: <randy@psg.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F0001A8788 for <saag@ietfa.amsl.com>; Wed, 29 Jul 2015 04:40:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SXwCxsXiy2SX for <saag@ietfa.amsl.com>; Wed, 29 Jul 2015 04:40:32 -0700 (PDT)
Received: from ran.psg.com (ran.psg.com [IPv6:2001:418:8006::18]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 26D721A8787 for <saag@ietf.org>; Wed, 29 Jul 2015 04:40:32 -0700 (PDT)
Received: from localhost ([127.0.0.1] helo=ryuu.psg.com) by ran.psg.com with esmtp (Exim 4.82) (envelope-from <randy@psg.com>) id 1ZKPin-0004Hq-Gf; Wed, 29 Jul 2015 11:40:29 +0000
Date: Wed, 29 Jul 2015 20:40:28 +0900
Message-ID: <m2a8ufgpjn.wl%randy@psg.com>
From: Randy Bush <randy@psg.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
In-Reply-To: <55B8A692.8080409@cs.tcd.ie>
References: <313da830.6be8.14ed8564467.Coremail.lilishan48@126.com> <m2mvyfh1re.wl%randy@psg.com> <55B8A692.8080409@cs.tcd.ie>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.7 - "Harue")
Content-Type: text/plain; charset="US-ASCII"
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/72ftDfRVH9du2Sl3tvGUUEtH0bk>
Cc: Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Fw:Fw:New Version Notification for draft-cui-dhc-dhcpv6-encryption-02.txt
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Jul 2015 11:40:33 -0000
TOFU is a bit oxymoronic, or certainly abuses 'trust'. it is more like You Undergo Big Attack. it just gives you some assurance the attacker is reproducible. but this is a tangent. the point is that protocols which rely on keying really need to nail the key distribution model(s). while tofu may be one, is it really one that security folk think the ietf should advocate for set-up authenticity? it's not how i want to make the wsj; and coffee shop mitm will be in the wsj soon enough. randy
- [saag] Fw:Fw:New Version Notification for draft-c… Lishan Li
- Re: [saag] Fw:Fw:New Version Notification for dra… Randy Bush
- Re: [saag] Fw:Fw:New Version Notification for dra… Stephen Farrell
- Re: [saag] Fw:Fw:New Version Notification for dra… Randy Bush
- Re: [saag] Fw:Fw:New Version Notification for dra… Lishan Li
- Re: [saag] Fw:Fw:New Version Notification for dra… Stephen Farrell
- Re: [saag] Fw:Fw:New Version Notification for dra… Stephen Farrell
- Re: [saag] Fw:Fw:New Version Notification for dra… Lishan Li
- Re: [saag] Fw:Fw:New Version Notification for dra… Stephen Farrell
- Re: [saag] Fw:Fw:New Version Notification for dra… Randy Bush
- Re: [saag] Fw:Fw:New Version Notification for dra… Christian Huitema
- Re: [saag] Fw:Fw:New Version Notification for dra… Lishan Li
- Re: [saag] [dhcwg] Fw:Fw:New Version Notification… Erik Kline
- Re: [saag] Fw:Fw:New Version Notification for dra… ianG
- Re: [saag] Fw:Fw:New Version Notification for dra… Randy Bush
- Re: [saag] New Version Notification for draft-cui… Alan DeKok
- Re: [saag] New Version Notification for draft-cui… Alan DeKok
- Re: [saag] New Version Notification for draft-cui… Bernard Aboba
- Re: [saag] New Version Notification for draft-cui… Alan DeKok
- Re: [saag] New Version Notification for draft-cui… Randy Bush
- Re: [saag] New Version Notification for draft-cui… Sam Hartman
- Re: [saag] Fw:Fw:New Version Notification for dra… Nico Williams
- Re: [saag] Fw:Fw:New Version Notification for dra… Nico Williams
- Re: [saag] New Version Notification for draft-cui… Alan DeKok
- Re: [saag] [dhcwg] Fw:Fw:New Version Notification… 李丽姗