Re: [secdir] Security participation in the LISP WG appreciated
Stephen Kent <kent@bbn.com> Thu, 13 August 2009 18:00 UTC
Date: Thu, 13 Aug 2009 13:50:38 -0400
To: Sam Hartman <hartmans-ietf@mit.edu>
From: Stephen Kent <kent@bbn.com>
Cc: secdir@mit.edu
Subject: Re: [secdir] Security participation in the LISP WG appreciated

Sam,

Since the current generation of IPsec specs recommends ESP-NULL over AH, any reference to 2402 is very questionable for any new WG document, e.g., LISP documents. Also, MD5 is not an algorithm that I think most SECDIR folks would recommend at this point in time. What motivates this retro security fetish? Also, what does "static" AH mean re authentication data, key lifetime, etc.?

I am not volunteering to enter the LISP WG debate. However, I will volunteer to review and comment on LISP documents when they come up for IETF LC. The security ADs may choose to pay attention to such comments, which might result in a DISCUSS at that stage. Presumably the authors would like to avoid that :-).

Steve