IETF Logo Mail Archive

Re: [saag] software update for teeny-weeny devices

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 11 October 2016 11:43 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 17A0A129857 for <saag@ietfa.amsl.com>; Tue, 11 Oct 2016 04:43:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.297
X-Spam-Level:
X-Spam-Status: No, score=-7.297 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-2.996, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MVnQyF5sflNr for <saag@ietfa.amsl.com>; Tue, 11 Oct 2016 04:43:37 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5CBA8129856 for <saag@ietf.org>; Tue, 11 Oct 2016 04:43:37 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 7CCB2BE49; Tue, 11 Oct 2016 12:43:35 +0100 (IST)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3Lg9o7KXnLhU; Tue, 11 Oct 2016 12:43:35 +0100 (IST)
Received: from [134.226.36.93] (bilbo.dsg.cs.tcd.ie [134.226.36.93]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id D9F3ABDCC; Tue, 11 Oct 2016 12:43:34 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1476186215; bh=whNeDYVFbdocFmJBuVFr8novam3I1sMi+dlgiSWw1Jk=; h=Subject:To:References:From:Date:In-Reply-To:From; b=WhLnOEjQq3rpGfeRv1v+rvG7BdG4KCtL2SmnQ2Tf4jRwMe3BzUfADBVVTKJsscr7C vaK1EqHO3kuwS7L85Aekl5VhHXBFv2wojXEioZxpyWh7Pwhe88auFU9J+BpHwwHG0j +kX0LtLdH9N/zC0OHeNt8ERAbJCwIIlk0xmUi048=
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>, "saag@ietf.org" <saag@ietf.org>
References: <HE1PR0802MB247516144837651E2C02580BFAC60@HE1PR0802MB2475.eurprd08.prod.outlook.com> <adc0fdb3-ad01-d1e4-786e-b72e091e07c2@cs.tcd.ie> <1475979732739.80385@cs.auckland.ac.nz> <b113c5e7-72e7-16e8-9a54-3053ebaa1c93@cs.tcd.ie> <1476157701079.16040@cs.auckland.ac.nz>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <73611303-a4bb-8c6d-bf85-d443948ebd9c@cs.tcd.ie>
Date: Tue, 11 Oct 2016 12:43:35 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
In-Reply-To: <1476157701079.16040@cs.auckland.ac.nz>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms050707090102000803040301"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/pHbAgri08Wn_zsPwr_jG33Tfmk8>
Subject: Re: [saag] software update for teeny-weeny devices
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Oct 2016 11:43:39 -0000


On 11/10/16 04:48, Peter Gutmann wrote:
> Stephen Farrell <stephen.farrell@cs.tcd.ie> writes:
>> On 09/10/16 03:22, Peter Gutmann wrote:
>>> It'd also be good to have a problem statement of some kind rather than just
>>> a shopping list of stuff, or some indication of where the authors are coming
>> >from when they create their list.
>>
>> The authors of the draft are just trying to reflect what happened at the
>> workshop (as it says in the draft).
> 
> So were there no requirements given at the workshop, no use cases? 

The workshop did not produce the one true list of requirements
nor use-cases, no. And nor should it have attempted to do that
IMO.

> At the
> moment it feels like being told the punchline of a joke, "And then the farmer
> said 'You'll have to take the sheep as well'" [0], but without the setup you
> can't tell what's going on.
> 
>> If the text of the draft gives the wrong impression about any of that, I'd
>> appreciate pointers to help us fix it.
> 
> It's not really the wrong impression, it's a very incomplete impression.  It's
> like a bunch of people got together and came up with a list of problems,
> without really specifying what it was they were trying to do. 

Is there a clue in the fact that it was called a workshop? ;-)

> I know in
> general what's being discussed, but without any requirements or use cases I
> can just make a whole pile of the problems discussed go away by saying "well
> don't do that, then", the prime example being the one I pointed out, if you
> ignore certificates, or throw away CRLs and use something more functional,
> then you don't have to worry about having a RTC.

If you read the text of the report as being a recommendation
for strict adherence to x.509 or rfc5280+revocation-checking
then we should fix it so it doesn't read that way. But I don't
think it does read that way, and it's certainly not intended
to be written that way, at least by me. Again, if you can
point out text that lead you to think that that'd be great and
we can fix it. (That's fine offlist if that's easier.)

Cheers,
S.

> 
> Peter.
> 
> [0] Obviously this is an Australian joke.
>

v2.23.0 | Report a Bug | By Email