Re: [secdir] New Routing Area Security Design Team
Sean Turner <sean@sn3rd.com> Sat, 21 April 2018 02:36 UTC
Return-Path: <sean@sn3rd.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65276127076 for <secdir@ietfa.amsl.com>; Fri, 20 Apr 2018 19:36:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TiKDC9IcGcVv for <secdir@ietfa.amsl.com>; Fri, 20 Apr 2018 19:36:30 -0700 (PDT)
Received: from mail-qt0-x242.google.com (mail-qt0-x242.google.com [IPv6:2607:f8b0:400d:c0d::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5DB84126C83 for <secdir@ietf.org>; Fri, 20 Apr 2018 19:36:30 -0700 (PDT)
Received: by mail-qt0-x242.google.com with SMTP id w12-v6so11923499qti.4 for <secdir@ietf.org>; Fri, 20 Apr 2018 19:36:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=bi55N7ThaNjQSmVpEtPjUHfbUjaMgWF0oPcZv00i96s=; b=lO+MTXKi6SzcYIXk0YtZA4BzYHdG5d7qRuBE9EH7pc01wxSjePmTxWbmYn0mON60Su tIN5aB1Nye7GC/kSt1C1/niKiMrYpCgJ80OKsz0uLUONhxJlnk2M8IOP6tSTa4IOroar 3M7OWokG2l++mzKTvFl8RY05lG1NYo2vj7/Q8=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=bi55N7ThaNjQSmVpEtPjUHfbUjaMgWF0oPcZv00i96s=; b=TUghP/qQl1XDqpnLrx0SKg/tTuy72MAeMlKtwj3kpn8Fd46ZVz9vX13d416uH+cD9Z KtW4abldGb1KmIa1CqLy3+TL6Bj9f7oiJZrUa5JJ67ls6gvSh6nTWZBd2lmrZWDTYeIj bJ8apnk0/527ujeofBDwE5f0hDe2ixL5Fx6Q+wQQzS4bF+/AXR+ea83MXrb+rMkdmjCg hn7RiabwfxtRXtnW1cR3r84T9osJzH+Y/lPKnLUGEsGTMyLElcjgZcVZV4w6/pHfZDfM SWpjLYU/HfxpH55F8hoQlFGEdV3tKT1szY2Q8sgksPGsaskUMND7mf1IIeSi0OT+EhEy 9e3A==
X-Gm-Message-State: ALQs6tCmM92I8mNGPWO++d68QhLd5ajTPCqGvCR5aavAcoaQKcvu4OGD Vm5ZICtDFYX0DlJcrMdbkHk3ayl6GVs=
X-Google-Smtp-Source: AIpwx4+onPxlsOipSaq8peBOvw6UF9di4Y5kOzNiQTorEospIhfhXd94ESbXNlYke07AjbN3U9maiA==
X-Received: by 2002:aed:3069:: with SMTP id 96-v6mr13749886qte.283.1524278189462; Fri, 20 Apr 2018 19:36:29 -0700 (PDT)
Received: from [172.16.0.18] ([96.231.225.106]) by smtp.gmail.com with ESMTPSA id q42-v6sm7001009qtc.49.2018.04.20.19.36.28 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 20 Apr 2018 19:36:28 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.3 \(3445.6.18\))
From: Sean Turner <sean@sn3rd.com>
In-Reply-To: <0B9DB69A-472E-4FF5-9164-FCFB59C26D64@pfrc.org>
Date: Fri, 20 Apr 2018 22:36:27 -0400
Cc: Richard Barnes <rlb@ipv.sx>, secdir <secdir@ietf.org>, Russ White <russ@riw.us>, Stewart Bryant <stewart.bryant@gmail.com>, "Acee Lindem (acee)" <acee@cisco.com>, "BRUNGARD, DEBORAH A" <db3546@att.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <CABBF7D4-2B9B-4403-9C00-63C76906E631@sn3rd.com>
References: <F64C10EAA68C8044B33656FA214632C8882C74A7@MISOUT7MSGUSRDE.ITServices.sbc.com> <CAL02cgS9rZKVtZs4aRWJmaQj-anaSqYj8rn8roDdxP+JhBR++A@mail.gmail.com> <F64B6EFA-1CB3-454B-B827-B5886A723D36@pfrc.org> <d37721c3-8e78-6eb8-c0ae-ba0e57a623c3@huitema.net> <026301d3d4e4$380d8b00$a828a100$@riw.us> <209F0EB5-AC41-4D00-8FE6-755802946061@pfrc.org> <CAL02cgTOOVXUXmvoE4JK97i8EeYnHevk4V9ecTepGLcB1YA-2w@mail.gmail.com> <2AD240AE-DF39-4D76-8D6B-BB8AADC6C267@pfrc.org> <024301d3d588$2b8ac6a0$82a053e0$@riw.us> <CAL02cgQaUGi7uq3GA4kdE54z2AUCOqBNYjbYsZT_wAsH-4aYgQ@mail.gmail.com> <0B9DB69A-472E-4FF5-9164-FCFB59C26D64@pfrc.org>
To: Jeffrey Haas <jhaas@pfrc.org>
X-Mailer: Apple Mail (2.3445.6.18)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/2_qYeLA0hj86tOZVAyeCe89K3xY>
Subject: Re: [secdir] New Routing Area Security Design Team
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Apr 2018 02:36:32 -0000
Having tried to help* the last time the routing and security got together, I can’t help but suggest that with this: > On Apr 15, 2018, at 15:27, Jeffrey Haas <jhaas@pfrc.org> wrote: > > >> On Apr 15, 2018, at 2:04 PM, Russ White <russ@riw.us> wrote: >> >> >>> As Richard said, the headline issue for outsiders like me is BGP hijacking, >>> whether as a mean to hijack addresses and inject spam, or as a way to >> >> This is more about documenting how routing folks should build their security considerations sections to reduce the friction between the security area and the routing area. A much more prosaic situation, I know... 😊 > > ^This. and this: > On Apr 16, 2018, at 10:28, Jeffrey Haas <jhaas@pfrc.org> wrote: > > >> How about "Better Routing Application Transport Security (BRATS)"? ;) > > Only if we get our own line of dolls. that maybe a better name is: PEDICURE PixiE Dust routIng seCURity considErations Because, it sounds like that’s where we’ll be looking ;) A nice side effect of this effort is that routing drafts can start to skip secdir reviews after this is done because whatever this group comes up with is going to get copied everywhere; it’ll be like MIB security considerations! I assume that’s really the short term plan right? I’m trying to not be too much of downer here, but the last time security helped there was a lot of: you don’t understand how these protocols are used/deployed, key management is too onerous, and whoa that’s too heavy weight/gold plated. Since the last time around security still doesn’t come for free and pretty much every security protocol still requires some type of key management … so what’s going to be different this time around? I.e., why would one want to volunteer to help one of these to be formed small teams? spt * for some value of help.
- [secdir] New Routing Area Security Design Team BRUNGARD, DEBORAH A
- Re: [secdir] New Routing Area Security Design Team Richard Barnes
- Re: [secdir] New Routing Area Security Design Team Acee Lindem (acee)
- Re: [secdir] New Routing Area Security Design Team Richard Barnes
- Re: [secdir] New Routing Area Security Design Team BRUNGARD, DEBORAH A
- Re: [secdir] New Routing Area Security Design Team Jeffrey Haas
- Re: [secdir] New Routing Area Security Design Team Christian Huitema
- Re: [secdir] New Routing Area Security Design Team Russ White
- Re: [secdir] New Routing Area Security Design Team Jeffrey Haas
- Re: [secdir] New Routing Area Security Design Team Richard Barnes
- Re: [secdir] New Routing Area Security Design Team Jeffrey Haas
- Re: [secdir] New Routing Area Security Design Team Russ White
- Re: [secdir] New Routing Area Security Design Team Richard Barnes
- Re: [secdir] New Routing Area Security Design Team Jeffrey Haas
- Re: [secdir] New Routing Area Security Design Team Sean Turner
- Re: [secdir] New Routing Area Security Design Team Jeffrey Haas
- Re: [secdir] New Routing Area Security Design Team Christian Huitema
- Re: [secdir] New Routing Area Security Design Team Richard Barnes
- Re: [secdir] New Routing Area Security Design Team Richard Barnes
- Re: [secdir] New Routing Area Security Design Team Jeffrey Haas