Re: [sidr] Kathleen Moriarty's No Objection on draft-ietf-sidr-publication-10: (with COMMENT)
Rob Austein <sra@hactrn.net> Tue, 31 January 2017 01:02 UTC
Return-Path: <sra@hactrn.net>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D16D2129789; Mon, 30 Jan 2017 17:02:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.1
X-Spam-Level:
X-Spam-Status: No, score=-5.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-3.199, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lDYJ1rRRb-pj; Mon, 30 Jan 2017 17:02:36 -0800 (PST)
Received: from khatovar.hactrn.net (khatovar.hactrn.net [198.180.150.30]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C717E129784; Mon, 30 Jan 2017 17:02:36 -0800 (PST)
Received: from minas-ithil.hactrn.net (c-73-47-197-23.hsd1.ma.comcast.net [73.47.197.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "nargothrond.hactrn.net", Issuer "Grunchweather Associates" (not verified)) by khatovar.hactrn.net (Postfix) with ESMTPS id 627681398C; Tue, 31 Jan 2017 01:02:35 +0000 (UTC)
Received: from minas-ithil.hactrn.net (localhost [IPv6:::1]) by minas-ithil.hactrn.net (Postfix) with ESMTP id E32F74665502; Mon, 30 Jan 2017 20:01:57 -0500 (EST)
Date: Mon, 30 Jan 2017 20:01:57 -0500
From: Rob Austein <sra@hactrn.net>
To: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
In-Reply-To: <148476342049.2020.11557954514441735216.idtracker@ietfa.amsl.com>
References: <148476342049.2020.11557954514441735216.idtracker@ietfa.amsl.com>
User-Agent: Wanderlust/2.15.5 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka")
Content-Type: text/plain; charset="US-ASCII"
Message-Id: <20170131010157.E32F74665502@minas-ithil.hactrn.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/jNjxSj4ZSaOPf29v3YxCQfg4eOA>
Cc: Chris Morrow <morrowc@ops-netman.net>, sidr-chairs@ietf.org, The IESG <iesg@ietf.org>, sidr@ietf.org, draft-ietf-sidr-publication@ietf.org
Subject: Re: [sidr] Kathleen Moriarty's No Objection on draft-ietf-sidr-publication-10: (with COMMENT)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Jan 2017 01:02:38 -0000
At Wed, 18 Jan 2017 10:17:00 -0800, Kathleen Moriarty wrote: ... > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > As for Alissa's comment on transport, more language added to the Security > Considerations section would be helpful to explain why the CMS signature > is sufficient. I am assuming that the only exposure would be to public > information during transport that is protected from tampering, unless I > missed something in reading the draft (I don't think you are transferring > private keys and didn't see that in the text). Correct, no private keys in flight here. Everything being transferred is a signed object intended for public consumption. Will try to come up with something for security considerations (I would say "suggestions welcome" but I think you just did...).
- [sidr] Kathleen Moriarty's No Objection on draft-… Kathleen Moriarty
- Re: [sidr] Kathleen Moriarty's No Objection on dr… Rob Austein
- Re: [sidr] Kathleen Moriarty's No Objection on dr… Kathleen Moriarty