Re: [saag] AD review of draft-iab-crypto-alg-agility-06

"Black, David" <david.black@emc.com> Sat, 25 July 2015 12:03 UTC

Return-Path: <david.black@emc.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 191851B2DDF for <saag@ietfa.amsl.com>; Sat, 25 Jul 2015 05:03:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Level:
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1aO7b7l3Rz7b for <saag@ietfa.amsl.com>; Sat, 25 Jul 2015 05:03:54 -0700 (PDT)
Received: from mailuogwdur.emc.com (mailuogwdur.emc.com [128.221.224.79]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 64D621B2DDD for <saag@ietf.org>; Sat, 25 Jul 2015 05:03:54 -0700 (PDT)
Received: from maildlpprd53.lss.emc.com (maildlpprd53.lss.emc.com [10.106.48.157]) by mailuogwprd53.lss.emc.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.0) with ESMTP id t6PC3pxe015695 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sat, 25 Jul 2015 08:03:52 -0400
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd53.lss.emc.com t6PC3pxe015695
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=emc.com; s=jan2013; t=1437825832; bh=JjdxYS8w7r74e7lWpSvyhFiCn+s=; h=From:To:Subject:Date:Message-ID:References:In-Reply-To: Content-Type:Content-Transfer-Encoding:MIME-Version; b=PaC3TIInIdsbLj/amTNnAsOr5AvqFTMcsaL0Uc/XNWBnyLslf37iPvfZT7tmfmG5d J2p0NNjHeLDWYv1g4PZ07rf7DG6BXVXGJs/e7U+6u1tSN95+x1k5q61s+QQY0lA9B2 59swuPIx3EdLAVT5GdOaXnSZhEUIqXF9uTfJoot4=
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd53.lss.emc.com t6PC3pxe015695
Received: from mailusrhubprd02.lss.emc.com (mailusrhubprd02.lss.emc.com [10.253.24.20]) by maildlpprd53.lss.emc.com (RSA Interceptor); Sat, 25 Jul 2015 08:03:50 -0400
Received: from mxhub39.corp.emc.com (mxhub39.corp.emc.com [128.222.70.106]) by mailusrhubprd02.lss.emc.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.0) with ESMTP id t6PC3ZvB013610 (version=TLSv1 cipher=AES128-SHA bits=128 verify=FAIL); Sat, 25 Jul 2015 08:03:35 -0400
Received: from MXHUB209.corp.emc.com (10.253.68.35) by mxhub39.corp.emc.com (128.222.70.106) with Microsoft SMTP Server (TLS) id 8.3.327.1; Sat, 25 Jul 2015 08:03:35 -0400
Received: from MX104CL02.corp.emc.com ([169.254.8.107]) by MXHUB209.corp.emc.com ([10.253.68.35]) with mapi id 14.03.0224.002; Sat, 25 Jul 2015 08:03:34 -0400
From: "Black, David" <david.black@emc.com>
To: ianG <iang@iang.org>, "saag@ietf.org" <saag@ietf.org>
Thread-Topic: [saag] AD review of draft-iab-crypto-alg-agility-06
Thread-Index: AQHQwLTAh/8rvqPHcUeOOKpbRz+XV53gZjqAgAB7qlCACm6EAIAA0XUQ
Date: Sat, 25 Jul 2015 12:03:33 +0000
Message-ID: <CE03DB3D7B45C245BCA0D243277949361401818A@MX104CL02.corp.emc.com>
References: <55A938F1.9090404@cs.tcd.ie> <2F4FD8A9-2222-47E1-A895-003258D88E7C@vpnc.org> <CE03DB3D7B45C245BCA0D243277949361400A551@MX104CL02.corp.emc.com> <55B292A4.7060907@iang.org>
In-Reply-To: <55B292A4.7060907@iang.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.76.191.47]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Sentrion-Hostname: mailusrhubprd02.lss.emc.com
X-RSA-Classifications: public
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/yYHzeqJe2o1-WMHpIwH7ymUFHTs>
Subject: Re: [saag] AD review of draft-iab-crypto-alg-agility-06
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 25 Jul 2015 12:03:56 -0000

Sorry for the initial blank response that got away ...

> However, because of this criticism, we can't get away without putting a
> warning in there that agility is strictly limited by its ability to
> deploy.  That seems to find itself in section 4. Security
> Considerations, especially last para.

I agree with Eliot's point that two MTI algorithms plus configuration to
exercise both results in agility in non-upgradeable deployments, and think
his text suggestions make sense.

Thanks,
--David


> -----Original Message-----
> From: saag [mailto:saag-bounces@ietf.org] On Behalf Of ianG
> Sent: Friday, July 24, 2015 3:32 PM
> To: saag@ietf.org
> Subject: Re: [saag] AD review of draft-iab-crypto-alg-agility-06
> 
> On 18/07/2015 09:18 am, Black, David wrote:
> >>> intro, 3rd para: are we saying that agility is achieved when a
> >>> protocol (specification) can easliy migrate from one suite to a
> >>> better one, or when a deployment can easily migrate? The current
> >>> text implies the former, but I'm not sure if we'd be better off
> >>> aiming more for the latter.
> >>
> >> +1
> >
> > IoT slippery slope warning, e.g., I have no idea how to update my
> > refrigerator's firmware, and "Patch Tuesday" is not a great answer due
> > to risks of spoiled food ;-). (https://en.wikipedia.org/wiki/Patch_Tuesday)
> >
> > I'd concur that deployment upgradeability is a worthy goal, but would
> > suggest leaving exploration of details of how to pull that off to other
> > drafts/forums.
> 
> 
> 
> The inability to deploy is one of the major criticisms of agility;  if
> there is zero deployment, then there is no point to agility, and it is
> likely doing harm (complexity plus consumption of resources).  Then, if
> there is some deployment, there is some benefit, but does it achieve
> profit?  The arguments begin...
> 
> The IETF's business is more about protocol drafts not deployments, so I
> would say that the agility refers to the ability of the protocol to be
> agile, and not towards deployment.  Therefore agility is achieved when
> the protocol has it, not when deployment is shown.  So I'd leave the
> text as it is.
> 
> However, because of this criticism, we can't get away without putting a
> warning in there that agility is strictly limited by its ability to
> deploy.  That seems to find itself in section 4. Security
> Considerations, especially last para.
> 
> So I think in essence the point is covered.
> 
> iang
> 
> 
> _______________________________________________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag