Re: [secdir] Early SecDir Reviews

Russ Housley <housley@vigilsec.com> Thu, 27 August 2015 21:50 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 366CF1B2E13; Thu, 27 Aug 2015 14:50:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ze-tSTh13n_O; Thu, 27 Aug 2015 14:50:24 -0700 (PDT)
Received: from odin.smetech.net (x-bolt-wan.smeinc.net [209.135.219.146]) by ietfa.amsl.com (Postfix) with ESMTP id C4CCF1B2E11; Thu, 27 Aug 2015 14:50:24 -0700 (PDT)
Received: from localhost (unknown [209.135.209.5]) by odin.smetech.net (Postfix) with ESMTP id 484A4F24143; Thu, 27 Aug 2015 17:50:14 -0400 (EDT)
X-Virus-Scanned: amavisd-new at smetech.net
Received: from odin.smetech.net ([209.135.209.4]) by localhost (ronin.smeinc.net [209.135.209.5]) (amavisd-new, port 10024) with ESMTP id FFtf7qjoxtf9; Thu, 27 Aug 2015 17:48:56 -0400 (EDT)
Received: from [192.168.2.100] (pool-108-51-128-219.washdc.fios.verizon.net [108.51.128.219]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by odin.smetech.net (Postfix) with ESMTP id 7DD01F2412D; Thu, 27 Aug 2015 17:49:53 -0400 (EDT)
Mime-Version: 1.0 (Apple Message framework v1085)
Content-Type: text/plain; charset=us-ascii
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <001001d0e111$509f1180$f1dd3480$@ndzh.com>
Date: Thu, 27 Aug 2015 17:49:42 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <CC1E62B2-1CB9-4B4C-938D-3A6A0E7802ED@vigilsec.com>
References: <32779ADA-75D3-4754-AFD2-DFFE7237D939@vigilsec.com> <001001d0e111$509f1180$f1dd3480$@ndzh.com>
To: "Susan Hares" <shares@ndzh.com>
X-Mailer: Apple Mail (2.1085)
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/OtIoIDbld5L5JwAq_9S4-xxk4T0>
Cc: 'IETF SecDir' <secdir@ietf.org>, 'Kathleen Moriarty' <kathleen.moriarty.ietf@gmail.com>, draft-hares-i2rs-auth-trans.all@ietf.org, 'Jeffrey Haas' <jhaas@pfrc.org>, draft-mglt-i2rs-security-requirements.all@ietf.org
Subject: Re: [secdir] Early SecDir Reviews
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2015 21:50:26 -0000

Sue:

I think you are asking if there are additional topics that need to be covered.  I did not notice any.  Although there was question raised in response to my review about the distinction between identity and identifiers.  Sorting that out might raise new things.

Russ


On Aug 27, 2015, at 5:42 PM, Susan Hares wrote:

> Russ and sec-dir: 
> 
> Thank you for reviewing the drafty-drafts. 
> 
> In the review of the I2RS architecture, several security issues were raised.
> In order to tie down the I2RS architecture document, I progress forward with
> these two drafts to indicate our direction. 
> 
> Do the two drafts (in a draft-y-draft) address the necessary security
> issues? Or do we still have major points to dig into?  
> 
> Thank you, 
> 
> Sue Hares
> 
> 
> -----Original Message-----
> From: Russ Housley [mailto:housley@vigilsec.com] 
> Sent: Friday, August 21, 2015 6:10 PM
> To: draft-mglt-i2rs-security-requirements.all@ietf.org;
> draft-hares-i2rs-auth-trans.all@ietf.org
> Cc: Stephen Farrell; Kathleen Moriarty; IETF SecDir
> Subject: Early SecDir Reviews
> 
> Please find the requested SecDir reviews.
> 
> Russ
> 
>