Re: [saag] keys under doormats: is our doormat ok?

Watson Ladd <> Mon, 13 July 2015 04:47 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id E9CF01A90C8 for <>; Sun, 12 Jul 2015 21:47:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id dxEtk4LnXNXL for <>; Sun, 12 Jul 2015 21:47:05 -0700 (PDT)
Received: from ( [IPv6:2a00:1450:400c:c05::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 004E31ACD8B for <>; Sun, 12 Jul 2015 21:47:04 -0700 (PDT)
Received: by wicmv11 with SMTP id mv11so51300847wic.1 for <>; Sun, 12 Jul 2015 21:47:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=Yq0sVMcZJqZfhCW2UTn3hqc/bk2+GynYtO7OcnDFgsM=; b=wamcDNRIZpmZmMhXZf1Za2VyNP51JWoqcceOzWqe95zM1Ao3Z8ucSg8NSNK/+Mcupc aXp/mssAPSkcxtQ7Dl96Lk3qxpBlauBNAZhYbFHMXCCxThAllJ2QjYzcCXo88HgJEoMU CEKvoaShPwI40wjucBBtT2U0KZZfe69nDBcl2HJgXO97Zb84uO3mUN/TvfsEpyZBzFyl dSr3MZHXkQfoY7PCiqBTdndgQV+Ysj+QALXAqvejbgXp8UiBUcujMoa3Y5PBk/1KgDV0 V5kGqc6N6oh1c0e/v8OsEsrdRQp3YeVl6YSRTtq3q22MlBGrofgXAwsq35K819mr90qW hEiw==
MIME-Version: 1.0
X-Received: by with SMTP id bc2mr67599610wjc.85.1436762823721; Sun, 12 Jul 2015 21:47:03 -0700 (PDT)
Received: by with HTTP; Sun, 12 Jul 2015 21:47:03 -0700 (PDT)
In-Reply-To: <>
References: <> <> <> <> <> <> <>
Date: Sun, 12 Jul 2015 21:47:03 -0700
Message-ID: <>
From: Watson Ladd <>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <>
Cc: "" <>
Subject: Re: [saag] keys under doormats: is our doormat ok?
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 13 Jul 2015 04:47:07 -0000

On Sun, Jul 12, 2015 at 3:28 PM, Dave Crocker <> wrote:
> On 7/12/2015 11:10 AM, Carsten Bormann wrote:
>>> I disagree. Publishing an update signals that our opinion has evolved.
>>> It hasn't, even if the technology has evolved to make software the focus
>>> rather than hardware. Besides, this kind of document is a huge rathole,
>>> and I don't believe any minimal changes would be worth the hassle.
>> I completely agree.
>> Just as we elevated RFC 20 to STD, we could still elevate it to BCP -- a
>> status that, IIRC, was just becoming available at the time RFC 1984 was
>> published.
> First, in the world of politics -- and any other environment that has
> folk looking to squash views they don't like -- people will use anything
> they can find to undermine such views.  The fact that a decision is 20
> years old really does sway some folk.  It does not matter whether it
> should.  What matters is whether such folk matter.
> As often as we have people conducting protracted threads on IETF lists
> with silly crazies, on the off-chance that someone, somewhere, will take
> the crazy seriously, we need to pay attention to the potential that the
> IETF position of 20 years ago will be dismissed because it was made 20
> years ago.

The other factor is that we are entirely irrelevant to the discussion
this time around. Solutions like TextSecure use proprietary protocols
and aren't federated at all. It's not like when we were the place
where IKE2 and co were standardized, in which case our opinion
mattered. Now it's about the strength of our arguments, and the extent
(minimal) to which we appear to represent a cross-section of the
relevant industry.

>      The question is not merely whether our views have changed,
>      but whether they apply to the current issue as well as the
>      one 20 years ago.
>      To have a consensus view that the current issue is the same
>      as 20 years ago is an example of something that constitutes new
>      work.  So even if we think there is nothing new to say, there is
>      something extremely important to say that is new.
> I will suggest that it would be worth publishing a revised version of
> the previous RFC, with the addition of some text that explains how that
> previous decision applies to the current topic.  And or how the current
> topic is the same as the previous topic and that the IETF position
> remains now as it was then.

If you actually read RFC 1984, you will note that it lists 4 policies
considered bad. One of those is mandating that keys are in the hands
of a third party, which is what is being proposed today. What would
this proposed revision add that would clarify that this is what is
being talked about? I do think we could have done a lot better: RFC
1984 doesn't contain a whole lot of argument: only conclusions. Don't
expect a repeat to be listened to.

> I will also suggest that we ought to have the IETF review of the draft
> RFC for this include a segment at an IETF plenary.  However we aren't
> likely to get a draft at that stage by 10 days from now and we almost
> certainly should not wait until the next IETF.
> So I suggest that one of the plenaries contain a capsule summary --
> bulleted list -- of the points folk think should be made in the
> revision, and that a 'sense of the room' be taken during the plenary.
> And that the result of that polling be cited in the IETF's documentation
> about the intended draft and then in the draft itself.
> I'm glad to offer review services for the bulleted list and/or the draft.
> d/
> --
> Dave Crocker
> Brandenburg InternetWorking
> _______________________________________________
> saag mailing list

"Man is born free, but everywhere he is in chains".