Re: [secdir] [TLS] secdir review of
"Jeffrey A. Williams" <jwkckid1@ix.netcom.com> Fri, 24 September 2010 22:15 UTC
Return-Path: <jwkckid1@ix.netcom.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8D3283A6AC0; Fri, 24 Sep 2010 15:15:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.464
X-Spam-Level:
X-Spam-Status: No, score=-1.464 tagged_above=-999 required=5 tests=[AWL=0.820, BAYES_00=-2.599, SARE_MILLIONSOF=0.315]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A0--0CpZLpnt; Fri, 24 Sep 2010 15:15:16 -0700 (PDT)
Received: from elasmtp-galgo.atl.sa.earthlink.net (elasmtp-galgo.atl.sa.earthlink.net [209.86.89.61]) by core3.amsl.com (Postfix) with ESMTP id 345863A6A91; Fri, 24 Sep 2010 15:15:05 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=ix.netcom.com; b=I8hsuBhNeUkoFqFeoP9Fn9By1K3xWOzCmQYrq/KFrNqN8WxY8PuGYwHceJsKTpWE; h=Message-ID:Date:From:Reply-To:To:Subject:Cc:Mime-Version:Content-Type:Content-Transfer-Encoding:X-Mailer:X-ELNK-Trace:X-Originating-IP;
Received: from [209.86.224.42] (helo=elwamui-muscovy.atl.sa.earthlink.net) by elasmtp-galgo.atl.sa.earthlink.net with esmtpa (Exim 4.67) (envelope-from <jwkckid1@ix.netcom.com>) id 1OzGYK-00071t-8I; Fri, 24 Sep 2010 18:15:36 -0400
Received: from 99.93.224.206 by webmail.earthlink.net with HTTP; Fri, 24 Sep 2010 18:15:35 -0400
Message-ID: <7248432.1285366536103.JavaMail.root@elwamui-muscovy.atl.sa.earthlink.net>
Date: Fri, 24 Sep 2010 17:15:35 -0500
From: "Jeffrey A. Williams" <jwkckid1@ix.netcom.com>
To: Robert Relyea <rrelyea@redhat.com>, mrex@sap.com
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Mailer: EarthLink Zoo Mail 1.0
X-ELNK-Trace: c8e3929e1e9c87a874cfc7ce3b1ad11381c87f5e51960688c2c6bf9cb4ca647aad8afc34653425aa350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
X-Originating-IP: 209.86.224.42
X-Mailman-Approved-At: Fri, 24 Sep 2010 18:36:44 -0700
Cc: tls@ietf.org, secdir@ietf.org, certid@ietf.org, iesg@ietf.org
Subject: Re: [secdir] [TLS] secdir review of
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: "Jeffrey A. Williams" <jwkckid1@ix.netcom.com>
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Sep 2010 22:15:22 -0000
bob and all, I think Bob's exactly right here. Thanks bob for being so concise. >:) -----Original Message----- >From: Robert Relyea <rrelyea@redhat.com> >Sent: Sep 24, 2010 5:00 PM >To: mrex@sap.com >Cc: tls@ietf.org, secdir@ietf.org, certid@ietf.org, iesg@ietf.org, barryleiba@computer.org, jhutz@cmu.edu >Subject: Re: [TLS] [secdir] secdir review of > >On 09/24/2010 01:29 PM, Martin Rex wrote: >> Peter Saint-Andre wrote: >> >>> For context, the "quoted advice" is mostly a description of current >>> usage in some existing user agents. Incorporating Barry's suggestions, >>> that text currently reads as follows in our working copy: >>> >>> Security Note: Some existing interactive user agents give advanced >>> users the option of proceeding despite an identity mismatch. >>> Although this behavior can be appropriate in certain specialized >>> circumstances, in general it ought to be exposed only to advanced >>> users and even then needs to be handled with extreme caution, for >>> example by first encouraging even an advanced user to terminate >>> the connection and, if the advanced user chooses to proceed >>> anyway, by forcing the user to view the entire certification path >>> and only then allowing the user to accept the certificate on a >>> temporary basis (i.e., for this connection attempt and all >>> subsequent connection attempts for the life of the application >>> session, but not for connection attempts during future application >>> sessions). >>> >> This whole paragraph is evil and completely wrong. >> >> It's bad enough that the web browser crowds replaced a useful option >> and important security feature with an extremely evil scary page. >> > >No, this paragraph is exactly what should happen. Click through dialogs >are demonsterably useless. They train users to ignore them. The only >place for them is if you decide that validation is not necessary. >> Offering to end-users, in a single-time-only leap-of-faith approach similar >> to what SSH has been successfully doing since its invention to memorize >> the peers certificate is magnitudes more secure than the endpoint >> identification linking to one of a hundred trust anchors, provisionally >> preconfigured by your software supplier. >> >SSH is good for small numbers of point to point connections where the >user controls both sides. SSH model is not appropriate for the general >population connection to millions of webservers. That is why SSH is used >extensively in admin deployments (where the admin controls both >machines) and is not used for e-commerce. If you want that semantic use >SSH. If you want security for the masses, use SSL (with full PKI). > > >[ case where SSL is being used for an SSH use case deleted] > >bob > Regards, Jeffrey A. Williams Spokesman for INEGroup LLA. - (Over 300k members/stakeholders and growing, strong!) "Obedience of the law is the greatest freedom" - Abraham Lincoln "Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt "If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947] =============================================================== Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com Phone: 214-244-4827
- Re: [secdir] [TLS] secdir review of Jeffrey A. Williams