Re: [saag] Section 2.9: was Re: AD review of draft-iab-crypto-alg-agility-06

"Salz, Rich" <rsalz@akamai.com> Tue, 01 September 2015 18:01 UTC

To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "saag@ietf.org" <saag@ietf.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/ynq2u11_QcjDCuFH4gempwiXWiU>

> I think it is important to include the design constraints in this paragraph, but
> am okay with wording changes that make the constraints clear so that we
> don't wind up generalizing the OS design principles and have them mean
> more than what was intended.  I'd like to see this constrained to legacy
> systems as it's not always possible to have them upgraded.  I also don't
> want to see OS become a way to bless the use
> of deprecated crypto, but would rather see it as in use for legacy systems
> understanding that it has been deprecated.  Without that, I am afraid it will
> become increasingly more difficult to phase out deprecated crypto.  I'd like to
> see that we are at least consistent in drafts/RFCs going forward so we don't
> inadvertently demonstrate consensus for more than what was agreed
> (IMO).

This is a great summation; I agree.

Now it's a simple matter of coding^W wordsmithing :)

--  
Senior Architect, Akamai Technologies
IM: richsalz@jabber.at Twitter: RichSalz