Re: [secdir] [Anima] Secdir last call review of draft-ietf-anima-bootstrapping-keyinfra-16

Ted Lemon <mellon@fugue.com> Tue, 02 October 2018 20:19 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2229E131110 for <secdir@ietfa.amsl.com>; Tue, 2 Oct 2018 13:19:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IHLvRvqdswiZ for <secdir@ietfa.amsl.com>; Tue, 2 Oct 2018 13:19:54 -0700 (PDT)
Received: from mail-yb1-xb31.google.com (mail-yb1-xb31.google.com [IPv6:2607:f8b0:4864:20::b31]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4DF0313112E for <secdir@ietf.org>; Tue, 2 Oct 2018 13:19:52 -0700 (PDT)
Received: by mail-yb1-xb31.google.com with SMTP id o63-v6so1387196yba.2 for <secdir@ietf.org>; Tue, 02 Oct 2018 13:19:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=gNcZI4A4jGUAgvXuXZcGiDSHOvkTK6za+K6iBmm8b6E=; b=AL+nQntQcPA+ozbZhm3251HeDrxN1qN851aj+gPC5ujeOFbxxcOOr+aAL4+U/XEm4o DWGlAT9bsCG67bCguzVRpbfrKhi9xgzwc6Uq/0T9GDxFwX9g4oXUWxCyOQtB3p9rSQYR aR8LK980MX6LxH5q51uJ3oNsldBt0OFEAmKM2f/mfw/dY9ifjNHUfJ6kHtlC5X+WqQ82 57XA80jlujtPSaHibIxyp5oDeBmHI3OWDlpVhfpAnINiXgVl3+6QSipUiwA6nlnNHd2k HDohRIyrqvMXnaci3bjbZXUXCX+nBra/TS0zeg8QOTcejJ6/UXJnC/fX1bnk8kJPL3PN MebA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=gNcZI4A4jGUAgvXuXZcGiDSHOvkTK6za+K6iBmm8b6E=; b=MvESlLCo/TvukjqukTno0/9I6tR0SHa3ixt/dLTUJR1Uz7VkGd4nc/vdf3QHz3YkN7 cGUFvnDGE4hWo8QN9aditdWEaLtNwnqilO/ECkNFJZ+gvfUV2MHF5d2yp12QZGEnMBoV nu6+4e5q5jSGZYpAEqqCye9W6ePjzipnyMiVJhPGR1nSz2iyo9OBuWakrhI8ELjXbXhr mkLfC2gmYx12ZCFeHMkQZIqcCTPe298t6SjpNINBVO11iePWPIXGhROG6t/Y9yV59FvR //EyL71nEWNRYjQW7uqpJfWk+d2L6RqVXOOLoEuJ7tiB25trKshYHPrQ5tus6BY2va40 8DjA==
X-Gm-Message-State: ABuFfoharKPrgijyK0sWefr+jqEU9jRnsX9OTRxxo+h0YXhcq6B9Yhc4 z7AXvBZSXr61OIXuoWAIs0iafg==
X-Google-Smtp-Source: ACcGV63oB5/UJRSyB+dR4rjmstBY+c+rGQnWGjJx4lJvW2yLCd1Fi0/R3WeWfFvOCiByppLExS4r8Q==
X-Received: by 2002:a25:c4c4:: with SMTP id u187-v6mr9975599ybf.413.1538511591274; Tue, 02 Oct 2018 13:19:51 -0700 (PDT)
Received: from [10.0.100.12] (c-73-167-89-221.hsd1.nh.comcast.net. [73.167.89.221]) by smtp.gmail.com with ESMTPSA id h13-v6sm6371372ywc.100.2018.10.02.13.19.47 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 02 Oct 2018 13:19:48 -0700 (PDT)
From: Ted Lemon <mellon@fugue.com>
Message-Id: <8B8C96FF-69D2-4ED5-A961-068C975C6D4E@fugue.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_E2A689A8-8703-4BAD-B5E3-DEE8EC6CCA69"
Mime-Version: 1.0 (Mac OS X Mail 12.0 \(3445.100.39\))
Date: Tue, 02 Oct 2018 16:19:46 -0400
In-Reply-To: <35fdaa10-426d-d732-717d-37a25207250b@cisco.com>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, Christian Huitema <huitema@huitema.net>, Randy Bush <randy@psg.com>, Security Directorate <secdir@ietf.org>, anima@ietf.org, draft-ietf-anima-bootstrapping-keyinfra.all@ietf.org
To: Eliot Lear <lear@cisco.com>
References: <153826253306.18743.9250084704876465818@ietfa.amsl.com> <m2sh1qkebi.wl-randy@psg.com> <057bd957-06b4-824e-a7c8-214383819621@huitema.net> <m2murxi8ws.wl-randy@psg.com> <b4a32733-c2df-6bea-17d2-4d45ee4d5136@cisco.com> <m2wor0h9vu.wl-randy@psg.com> <1fd9c9d5-508f-901e-818c-3cc87725c331@cisco.com> <B9A85C1F-3299-4EB5-8716-05CC14CDC1F5@fugue.com> <3590.1538507134@localhost> <CAPt1N1mnps23VNjpjH41jiyOzs+N-fWLR3rJ33KZZsFuThDsMg@mail.gmail.com> <35fdaa10-426d-d732-717d-37a25207250b@cisco.com>
X-Mailer: Apple Mail (2.3445.100.39)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/zvEvMYQhH9OlZeqQAbBo4CdwMQk>
Subject: Re: [secdir] [Anima] Secdir last call review of draft-ietf-anima-bootstrapping-keyinfra-16
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Oct 2018 20:19:55 -0000

On Oct 2, 2018, at 3:29 PM, Eliot Lear <lear@cisco.com> wrote:
> You really answered your own concern.  Nobody would put up with such an
> approach that either intentionally bricked* a perfectly functional
> device.

No one would put up with it if they anticipated it.   The problem is that they might not anticipate it.   It's the kind of risk that the end user might simply not imagine.