Re: [secdir] Secdir review of draft-johansson-loa-registry-04

Vincent Roca <vincent.roca@inria.fr> Wed, 04 April 2012 13:53 UTC

From: Vincent Roca <vincent.roca@inria.fr>
In-Reply-To: <4F7AD1AF.3020004@sunet.se>
Date: Wed, 04 Apr 2012 08:21:55 +0200
Message-Id: <226B9393-7AFF-4082-BCC7-5433DD0D99FE@inria.fr>
References: <2BAEF3F1-9FDD-4D45-B03D-57A12CAF515F@inria.fr> <4F7AD1AF.3020004@sunet.se>
To: Leif Johansson <leifj@sunet.se>
Cc: draft-johansson-loa-registry.all@tools.ietf.org, IESG <iesg@ietf.org>, secdir@ietf.org
Subject: Re: [secdir] Secdir review of draft-johansson-loa-registry-04

Hi Leif,

>> 2/ The rest of the sentence is confusing IMHO: "An implementor
>> [...] MUST NOT make any assumptions about the properties of any of
>> the listed level of assurance URIs or their associated trust
>> frameworks or federations based on their presence in the IANA
>> registry."
>> 
>> Do you mean that the fact an IANA registry exists, by itself, does
>> not guarantee the trust framework actually provides the expected
>> security features (i.e. the IANA registry is merely a definition
>> record)?
> 
> Yes, that's the intent!
> 
>> I don't like the term "any assumption". If a LOA tells me I can
>> achieve some security level by using it, I'll first **assume** it's
>> true and in a second step I'll verify it's indeed the case.
>> 
> 
> What I want to say is that the fact that the entry exists doesn't
> imply any quality of the underlying trust framework.

So it's just a matter of presentation. I prefer your sentence ("does not imply any
quality...") to what is said in the I-D ("must not make any assumptions...").

> Thanks for a great review!

You're welcome.

Cheers,

   Vincent