Re: [saag] keys under doormats: is our doormat ok?

Stephen Farrell <> Mon, 13 July 2015 20:11 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id EFDE11B2DEA for <>; Mon, 13 Jul 2015 13:11:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id wYj_pP5B9eDA for <>; Mon, 13 Jul 2015 13:11:15 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 39AB81A8867 for <>; Mon, 13 Jul 2015 13:11:15 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id ECD7FBDD0; Mon, 13 Jul 2015 21:11:13 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id MMc-G8koLTtg; Mon, 13 Jul 2015 21:11:12 +0100 (IST)
Received: from [] (unknown []) by (Postfix) with ESMTPSA id 6C871BDCF; Mon, 13 Jul 2015 21:11:12 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;; s=mail; t=1436818272; bh=5oREYn4JPWsj61lg31tmi6H3SsgPtVNkn1yEqeJT7nY=; h=Date:From:To:Subject:References:In-Reply-To:From; b=2Tss+umNzReEcplzn1syiXPG7hSrBzkkilGF0ttqXu2h8WdSO8gt1VbZGtyUE2Dr7 +eazUurXsZT0TBo4zbcMc4RvqK9ogz9P622vlHZyiVBs0EPlGcvrh9Qprk1klJ3Qad i326gPlr0a4d3tu9LWJ/3d5Tdw/31bwl711z+Fhg=
Message-ID: <>
Date: Mon, 13 Jul 2015 21:11:05 +0100
From: Stephen Farrell <>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: Eliot Lear <>,, "" <>
References: <> <> <> <> <> <> <> <> <>
In-Reply-To: <>
OpenPGP: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="Oku0tkNog4u6AfCVM8ecJqCJMBVjojCgn"
Archived-At: <>
Subject: Re: [saag] keys under doormats: is our doormat ok?
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 13 Jul 2015 20:11:17 -0000


On 13/07/15 17:20, Eliot Lear wrote:
> Hi Stephen,
> On 7/13/15 3:28 PM, Stephen Farrell wrote:
>> Hiya,
>> On 12/07/15 23:28, Dave Crocker wrote:
>>> I will also suggest that we ought to have the IETF review of the draft
>>> RFC for this include a segment at an IETF plenary. 
>> Just as a point of information for those who're considering there
>> may be external-to-the-IETF benefits in some form of renewal of
>> the relevant content from RFC 1984...
>> One reason I figured RFC 1984 is still ok is that the IAB have quite
>> recently weighed in with an even stronger recommendation "that
>> encryption be deployed throughout the protocol stack." [1] And while
>> that's an IAB statement and hasn't been through the IETF consensus
>> process, and while that doesn't directly touch on mandated-key-escrow-
>> silliness, it does refer back to RFC 1984, as well as going further.
> The reference to 1984 is in the IAB statement to demonstrate the
> continuum of time that the IAB and IESG have considered this issue.  
> There are some aspects of 1984 that could evolve.  Particularly the
> rationale in the section entitled "PROTECTION OF THE EXISTING
> INFRASTRUCTURE".  Encryption is required for there to be confidence in
> the infrastructure.

True, however, it's also true that the lack of mandatory key escrow
is also an inherent part of 1984 and my assumption at least is that
the IAB think the same and were cognizant of that in their statement.

>> So I reckon that from a non-IETF perspective, [1] probably achieves
>> as much as we'd achieve with any easy method of "renewing" RFC 1984.
>> (I'm also not sure what "renewing" 1984 might mean exactly but I'm
>> sure we could figure some mechanics that'd work and if it turns out
>> I'm wrong above and folks do want some such thing, I'll of course
>> try help get that done.)
> I think Christian used the term "reaffirming".  Before we do that, we
> people should really read through 1984 with a 2015 perspective.  The
> document has held together well, even with a few issues.  

Tend to agree. It's also addressing export of course but were any
of the recently mooted government silliness to become real, it'd
also have to involve controls on export/import as well as on usage
so that part of the analysis is actually still relevant I figure.
(There'd be an even bigger and even sillier impact on open source
the importance of which is nowadays probably better appreciated.)

> But to
> reaffirm would be to say that the 1996 world view is still applicable. 
> I don't think it is.  I think we'd make a different statement today. 
> Maybe this is what you mean by "renew".

TBH, I'm not sure what's meant by renew or re-affirming or anything
similar. So far, I think the suggestions made include an in-place
promotion to BCP, which I understand, or to do an update, meaning a
new RFC with revised content, which I also understand, and which
could aim for minimal or broader change. I don't get what or how
any other option might work out. Anyway, if we end up with consensus
to do something then I'm sure we can figure out the mechanics then.


> Eliot