IETF Logo Mail Archive

Re: [saag] Fwd: Last Call: Recognising RFC1984 as a BCP

Joe Touch <touch@isi.edu> Tue, 11 August 2015 17:30 UTC

Return-Path: <touch@isi.edu>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6C7A1ACDFF for <saag@ietfa.amsl.com>; Tue, 11 Aug 2015 10:30:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.91
X-Spam-Level:
X-Spam-Status: No, score=-6.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0Hi-67pxMBbx for <saag@ietfa.amsl.com>; Tue, 11 Aug 2015 10:30:46 -0700 (PDT)
Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5D71C1ACD8E for <saag@ietf.org>; Tue, 11 Aug 2015 10:30:46 -0700 (PDT)
Received: from [128.9.184.100] ([128.9.184.100]) (authenticated bits=0) by boreas.isi.edu (8.13.8/8.13.8) with ESMTP id t7BHTvUx020188 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Tue, 11 Aug 2015 10:30:03 -0700 (PDT)
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
References: <20150810171306.11047.24159.idtracker@ietfa.amsl.com> <55C8EBAE.4070704@cs.tcd.ie> <370F0905-3815-4DA4-B21A-B321D92E12C9@isi.edu> <87d1yur5h9.fsf@alice.fifthhorseman.net>
From: Joe Touch <touch@isi.edu>
X-Enigmail-Draft-Status: N1110
Message-ID: <55CA3113.7000909@isi.edu>
Date: Tue, 11 Aug 2015 10:29:55 -0700
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.0.1
MIME-Version: 1.0
In-Reply-To: <87d1yur5h9.fsf@alice.fifthhorseman.net>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/KDMOoXPDR45PTxEql9c_jAVUku4>
Cc: "saag@ietf.org" <saag@ietf.org>
Subject: Re: [saag] Fwd: Last Call: Recognising RFC1984 as a BCP
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Aug 2015 17:30:47 -0000


On 8/10/2015 6:14 PM, Daniel Kahn Gillmor wrote:
> On Mon 2015-08-10 16:34:38 -0400, Joe Touch wrote:
>> I disagree with this change of status.
> 
> Is your disagreement on process grounds or because you disagree with the
> analysis or sentiments expressed in RFC 1984?

Both.

As a process issue:

	- The analogy to ASCII  (RFC20) is not helpful. That is a
	factual document; this is an op-ed piece.

	- It makes sense to move existing RFCs to "Historic",
	but in all other cases (ASCII included) it is much
	more common and in keeping with the IETF process to
	issue a new RFC

As a content issue:

	- we cannot issue a "last call" on a BCP unless
	the doc is open for edits

	- BCPs should make recommendations to protocol
	designers, users, implementers, and operators

	this document speaks more to governments, which is
	a policy role I feel ought to stay closer to the ISOC
	and out of the IETF/IRTF

While I appreciate the kitsch of desperately clinging to the originally
issued RFC number, the document further lacks the clear and technical
advice to EVERYONE I expect for the topic covered. Some missing issues
are noted below.

IMO, a BCP on this topic should stick to the facts, avoid wandering into
policy and governmental issues, and make clear recommendations to the
IETF community. The current RFC fails in all these regards.

Joe

----

	- the fact that lazy programming is the cause of a large
	amount of security issues (buffer overrun)

	- the concept that "crypto everywhere" is as vacuously useful
	as "crypto nowhere"

	- it makes no direct key size recommendation (as a BCP should)

	- it makes no algorithmic diversity recommendation (as, IMO,
	a crypto BCP should)

	- it makes no statement on the computational complexity of
	crypto algs and their relationship to adoption and deployment
	(as, IMO, a crypto BCP should)

	- it makes a claim about certification authorities being
	both legitimate and necessary, when they are the antithesis
	of some valid and useful crypto systems

	- it fails to address the slipshod way in which public keys
	are often signed by others, e.g., using a "government issued ID"
	as proof (who of us would know an invalid ID if we saw one?)

	(i.e., "key signing parties are a hazard to public key crypto"
	IMO)

	- it makes no statement about the relationship of the keys to
	the data, i.e., it does not warn against bare reuse of keys
	(vs., e.g., using the keys with session info to derive a
	session key)

	- it does not address how salts or seeds are generated safely,
	and why using header fields you "don't know" isn't the same
	as using random info.

	- it fails to address ways in which actions, rather than
	content, expose information (e.g., the packet patterns)

	- it fails to address the potential benefit of out-of-band
	verification or salts

The list goes on.

----

v2.23.0 | Report a Bug | By Email