Re: [secdir] Assignments

Tero Kivinen <kivinen@iki.fi> Mon, 29 April 2019 11:13 UTC

Return-Path: <kivinen@iki.fi>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D6EC31200C3 for <secdir@ietfa.amsl.com>; Mon, 29 Apr 2019 04:13:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.42
X-Spam-Level:
X-Spam-Status: No, score=-3.42 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_NEUTRAL=0.779, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nJSEzFWlROAs for <secdir@ietfa.amsl.com>; Mon, 29 Apr 2019 04:13:15 -0700 (PDT)
Received: from mail.kivinen.iki.fi (fireball.acr.fi [83.145.195.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2975812008F for <secdir@ietf.org>; Mon, 29 Apr 2019 04:13:14 -0700 (PDT)
Received: from fireball.acr.fi (localhost [127.0.0.1]) by mail.kivinen.iki.fi (8.15.2/8.15.2) with ESMTPS id x3TBD5ko011836 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 29 Apr 2019 14:13:05 +0300 (EEST)
Received: (from kivinen@localhost) by fireball.acr.fi (8.15.2/8.14.8/Submit) id x3TBD5np003341; Mon, 29 Apr 2019 14:13:05 +0300 (EEST)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <23750.56385.220502.134039@fireball.acr.fi>
Date: Mon, 29 Apr 2019 14:13:05 +0300
From: Tero Kivinen <kivinen@iki.fi>
To: Phillip Hallam-Baker <ietf@hallambaker.com>
Cc: secdir-secretary@mit.edu, secdir@ietf.org
In-Reply-To: <CAMm+LwgOYJW=mM7FH05NOrhjZM8=atfo1jS6VjnxNjYtAYZ4Ww@mail.gmail.com>
References: <155618781878.23454.9844389863110194782.idtracker@ietfa.amsl.com> <CAMm+LwgOYJW=mM7FH05NOrhjZM8=atfo1jS6VjnxNjYtAYZ4Ww@mail.gmail.com>
X-Mailer: VM 8.2.0b under 25.1.1 (x86_64--netbsd)
X-Edit-Time: 9 min
X-Total-Time: 13 min
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/MiFFGd16Qgkb_qfUiLMX1MqMd6w>
Subject: Re: [secdir] Assignments
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Apr 2019 11:13:18 -0000

Phillip Hallam-Baker writes:
> Ooops. Just noticed that these have not been going into my action items folder
> and I missed one. My filter must have been relying on a feature that changed.

I switched to use emails sent from datatracker two and half years ago,
i.e., end of 2016. Reply to, To and Subject should have been same.

>From address field did change from kivinen@iki.fi to noreply@ietf.org
in the beginning of March, because of some datatracker changes, so
that is the one that most likely caused the issue. Anyways it is
always better to use something else than From address for filtering as
the secdir secretary might change :-)

The reply-to address of secdir-secretary@mit.edu should stay same. 

> Not really a tools team issue or critical. But it is a systemic
> problem with using SMTP mail for workflow.

You can always see your review requests also in the datatracker by
going to the

https://datatracker.ietf.org/accounts/review/

page, and also the datatracker should send you automatic email when
one is assigned to you in addition to my summary...

One good thing about mail workflow is that I do get all the
notifications in the same place, I hate the cases where I need to go
and check through few dozen different web pages to see if there is
anything new there for me to do...

> We have traditionally considered the killer app for S/MIME to be
> confidentiality. What if it was authentication and access control? Signing
> meeting requests, calendar entries, task items allows people to add things to
> my work queue.

That would be nice, but the problem again is that you want to
configure your systems to act on certain requests differently. Whether
it is S/MIME authenticated does not really help there, you still do
not want to accept random S/MIME authenticated request to add new
entries to your calendar, so you are still left with whitelist of
people who can add items to your calendar, and when things change then
those will break... 

> Trying to retrofit might be a case of trying to balance too many
> plates on the stack though.

Adding generic code to the datatracker that signs emails with S/MIME,
would actually be quite good enhancement, and I did make a new ticket
#2716 about this...
-- 
kivinen@iki.fi