[saag] Re: [rfc-i] Re: Re: Re: Re: RFCs vs Standards
Phillip Hallam-Baker <phill@hallambaker.com> Sat, 28 December 2024 21:27 UTC
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Sat, 28 Dec 2024 16:26:47 -0500
To: Randy Bush <randy@psg.com>
CC: John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, "rfc-interest@rfc-editor.org" <rfc-interest@rfc-editor.org>, IETF SAAG <saag@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/N1Tz3fEJfCXrqM9mBokD04g5ef8>

On Fri, Dec 13, 2024 at 12:50 PM Randy Bush <randy@psg.com> wrote:

> > Martin Thomson wrote:
> >> The archives of no-draft-expiry@ietf.org tell a pretty grim tale of
> >> how this institution is incapable of implementing the most trivial
> >> change.
> >
> > There are a lot of people who have mastered using the CIA simple
> > sabotage field manual
> >
> > https://www.cia.gov/static/5c875f3ec660e092cf893f60b4a288df/SimpleSabotage.pdf
>
> characterizing folk who disagree with you as saboteurs is neither
> polite nor productive.

That nation state actors have a stake in the development of communications standards is obvious. That certain states engage in bad faith actions to promote their interests in standards processes is a matter of record.

I have been in meetings with folk who made some of the decisions when the focus of the US intelligence community was throwing stones to discuss our current problem of living in a great big glass house. They have switched position but there are other countries that have not. A big glass house they can throw stones at suits certain nation state actors just fine.

We are not going to fix the mistakes of the past by pretending they didn't happen. Not least because the reason we have ended up with a huge amount of cryptographic technology that nobody can use is we made bad choices in the name of 'security'.

IPSEC as defined in the standards is completely useless because it doesn't work through NAT. And I remember the two Security ADs chuckling that it was a feature not a bug.

S/MIME delivers solid security for people in organizations but is effectively unusable by individuals.

OpenPGP is unusable by anyone who isn't exceptionally determined.

TLS has an ephemeral key exchange that throws away the shared secret originally negotiated rather than ratcheting it in.

DPRIV took the absolutely absurd approach that running over TLS using TCP Fast Start that would require kernel modifications to every O/S was the 'fast route' to getting deployment. It wasn't of course as pretty much everyone realized. But certain people insisted that we had to get something out in 12 months and so we just had to take the doomed to a slow death technical approach.

The list goes on. We are not going to fix the problems with Internet Security unless we acknowledge the fact that the perfect is the enemy of the good and sometimes the folk insisting on perfect are doing so to ensure that deployment never happens.

And the way operatives work isn't the way most imagine either. The person making the public push for tying a boat anchor to some proposal probably isn't the operative. Those people work the bars and the hallways.