Re: [secdir] [saag] Interest in draft-dong-savi-cga-header-03.txt; possibility of a five minute slot at saag?

Stephen Kent <kent@bbn.com> Mon, 09 August 2010 20:54 UTC

Return-Path: <kent@bbn.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DC9BD3A69B8; Mon, 9 Aug 2010 13:54:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.229
X-Spam-Level:
X-Spam-Status: No, score=-101.229 tagged_above=-999 required=5 tests=[AWL=-1.045, BAYES_40=-0.185, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w2NStG+BcTK5; Mon, 9 Aug 2010 13:54:09 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) by core3.amsl.com (Postfix) with ESMTP id D1D003A6969; Mon, 9 Aug 2010 13:54:09 -0700 (PDT)
Received: from dhcp89-089-110.bbn.com ([128.89.89.110]:49206) by smtp.bbn.com with esmtp (Exim 4.71 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1OiZMk-000IME-2r; Mon, 09 Aug 2010 16:54:38 -0400
Mime-Version: 1.0
Message-Id: <p0624081ac8861a5e0cb4@[128.89.89.110]>
In-Reply-To: <tslwrse66y2.fsf@live.c.hospitality.swisscom.com>
References: <tsl630fmwok.fsf@mit.edu> <p06240805c86a38f57df9@[128.89.89.72]> <BF345F63074F8040B58C00A186FCA57F1F66885082@NALASEXMB04.na.qualcomm.com> <p06240801c86d39d160ab@[192.168.9.234]> <BF345F63074F8040B58C00A186FCA57F1F6688540F@NALASEXMB04.na.qualcomm.com> <p06240807c876e0f794c1@[130.129.114.216]> <tslwrse66y2.fsf@live.c.hospitality.swisscom.com>
Date: Mon, 9 Aug 2010 16:54:31 -0400
To: Sam Hartman <hartmans-ietf@mit.edu>
From: Stephen Kent <kent@bbn.com>
Content-Type: multipart/alternative; boundary="============_-930735219==_ma============"
Cc: "Laganier, Julien" <julienl@qualcomm.com>, Dong Zhang <zhangdong_rh@huawei.com>, "secdir@ietf.org" <secdir@ietf.org>, PaddyNallur <paddy@huaweisymantec.com>, "saag@ietf.org" <saag@ietf.org>, Margaret Wasserman <mrw@painless-security.com>, Sam Hartman <hartmans-ietf@mit.edu>
Subject: Re: [secdir] [saag] Interest in draft-dong-savi-cga-header-03.txt; possibility of a five minute slot at saag?
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Aug 2010 20:54:11 -0000

At 4:14 AM -0400 7/29/10, Sam Hartman wrote:
>  >>>>> "Stephen" == Stephen Kent <kent@bbn.com>; writes:
>
>     Stephen> I agree that the primary motivation for CGAs arose in the
>     Stephen> SeND context, and that privacy is an independent
>     Stephen> feature. But, the context in which CGAs were intended to
>     Stephen> provide an ability to establish a binding to an IPv6
>     Stephen> address was local. When one moves beyond this local
>     Stephen> context, and one advocates having more distant nodes
>     Stephen> challenge a host, this creates privacy questions.
>
>I think we've been looking at CGAs that have non-local scope for a
>while.  Section 7.4 of RFC 3972 seems to anticipate CGAs used with other
>protocols.  It's my understanding that shim6 supports both HBAs and CGAs
>for non-local contexts.  I also believe the MIP6 context for CGA use is
>non-local.

I don't know about MIP6, but when I read the second paragraph of 
section 7.4 in the CGA RFC, I get a different impression. The fact 
that the paragraph begins with "Finally, a strong cautionary note has 
to be made about using CGA signatures for purposes other than SEND." 
suggests to me that the authors anticipated that others might want to 
use CGAs elsewhere. They provided a list of comments about why CGAs 
were designed for and well-suited to the SeND context (which is 
local), and warnings about the limitations that arise if one tries to 
use CGAs elsewhere.

Steve