IETF Logo Mail Archive

Re: [saag] should we revise rfc 3365?

"Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com> Tue, 29 May 2012 16:35 UTC

Return-Path: <hannes.tschofenig@nsn.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 603C621F86DA for <saag@ietfa.amsl.com>; Tue, 29 May 2012 09:35:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.549
X-Spam-Level:
X-Spam-Status: No, score=-106.549 tagged_above=-999 required=5 tests=[AWL=0.050, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B-MMFM8dlNsS for <saag@ietfa.amsl.com>; Tue, 29 May 2012 09:35:40 -0700 (PDT)
Received: from demumfd002.nsn-inter.net (demumfd002.nsn-inter.net [93.183.12.31]) by ietfa.amsl.com (Postfix) with ESMTP id 913C121F86D1 for <saag@ietf.org>; Tue, 29 May 2012 09:35:40 -0700 (PDT)
Received: from demuprx017.emea.nsn-intra.net ([10.150.129.56]) by demumfd002.nsn-inter.net (8.12.11.20060308/8.12.11) with ESMTP id q4TGZWW8023221 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 29 May 2012 18:35:32 +0200
Received: from demuexc023.nsn-intra.net (demuexc023.nsn-intra.net [10.150.128.36]) by demuprx017.emea.nsn-intra.net (8.12.11.20060308/8.12.11) with ESMTP id q4TGZVZF003998; Tue, 29 May 2012 18:35:31 +0200
Received: from FIESEXC035.nsn-intra.net ([10.159.0.25]) by demuexc023.nsn-intra.net with Microsoft SMTPSVC(6.0.3790.4675); Tue, 29 May 2012 18:35:31 +0200
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 29 May 2012 19:37:30 +0300
Message-ID: <999913AB42CC9341B05A99BBF358718D017FDDDE@FIESEXC035.nsn-intra.net>
In-Reply-To: <E1SYFww-0007It-5i@login01.fos.auckland.ac.nz>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [saag] should we revise rfc 3365?
Thread-Index: Ac07ObDwN05UUhEjTMO7Dayj6xy/3QCfx2qg
References: <999913AB42CC9341B05A99BBF358718D017BA1BE@FIESEXC035.nsn-intra.net> <E1SYFww-0007It-5i@login01.fos.auckland.ac.nz>
From: "Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com>
To: ext Peter Gutmann <pgut001@cs.auckland.ac.nz>, mouse@Rodents-Montreal.ORG, saag@ietf.org
X-OriginalArrivalTime: 29 May 2012 16:35:31.0806 (UTC) FILETIME=[107687E0:01CD3DB9]
X-purgate-type: clean
X-purgate-Ad: Categorized by eleven eXpurgate (R) http://www.eleven.de
X-purgate: clean
X-purgate: This mail is considered clean (visit http://www.eleven.de for further information)
X-purgate-size: 2175
X-purgate-ID: 151667::1338309332-00005945-859490B4/0-0/0-0
Subject: Re: [saag] should we revise rfc 3365?
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 May 2012 16:35:41 -0000

Hi Peter, 

when we develop protocols in the IETF they are meant to be used for the
Internet and you have to make the design according to the toughest
requirements and not the simplest. In many cases, protocol designers do
not really know how exactly their protocols will be used and so you
cannot just make some simplifying assumptions. 

For smart objects (you call them low-power devices) the approach is
still to provide security or otherwise not connect them to the Internet.


I think that this approach of providing a version of the protocol that
is completely insecure (in case we have a really convenient deployment
environment is really dangerous) as the usage of the protocol can
quickly be used in different contexts and then the user is in trouble. 

So, I think you are on the wrong track. 

Ciao
Hannes

> -----Original Message-----
> From: ext Peter Gutmann [mailto:pgut001@cs.auckland.ac.nz]
> Sent: Saturday, May 26, 2012 3:18 PM
> To: Tschofenig, Hannes (NSN - FI/Espoo); mouse@Rodents-Montreal.ORG;
> saag@ietf.org
> Subject: Re: [saag] should we revise rfc 3365?
> 
> "Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com>
writes:
> 
> >I see this argument quite often that we should not impose strong
> security
> >requirements on protocols because there may be this use case where no
> >security is needed.
> >
> >I am wondering what protocols you are thinking about that need no
> security.
> 
> It's not protocols that may or may not require security, it's uses of
> protocols.  Something on an internal LAN probably doesn't require it.
> Something on a CAN (where 'C' is for 'controller') almost certainly
> doesn't
> require it.  Low-power embedded devices (where the options are no-so-
> strong
> security or none at all) don't require it.  Systems where throughput
> and/or
> low latency are critical and you "secure" them by running a cable from
> box A
> to box B don't need it.  And so on and so on.
> 
> It's fair enough to say "if you require strong security then you can
do
> X",
> but saying "the protocol MUST include X" is inappropriate.
> 
> Peter.

v2.23.0 | Report a Bug | By Email