Re: [Smart] [Secdispatch] New Version Notification for draft-lazanski-smart-users-internet-00.txt

Bret Jordan <jordan.ietf@gmail.com> Mon, 15 July 2019 14:50 UTC

Return-Path: <jordan.ietf@gmail.com>
X-Original-To: smart@ietfa.amsl.com
Delivered-To: smart@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A9AA5120116 for <smart@ietfa.amsl.com>; Mon, 15 Jul 2019 07:50:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WNDgtxODWjA7 for <smart@ietfa.amsl.com>; Mon, 15 Jul 2019 07:50:22 -0700 (PDT)
Received: from mail-pg1-x52f.google.com (mail-pg1-x52f.google.com [IPv6:2607:f8b0:4864:20::52f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E590C120172 for <smart@irtf.org>; Mon, 15 Jul 2019 07:50:22 -0700 (PDT)
Received: by mail-pg1-x52f.google.com with SMTP id z75so7827291pgz.5 for <smart@irtf.org>; Mon, 15 Jul 2019 07:50:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=JLPuo2OVxed6SkGZsCOFYnhf0veQ4fefMur2lkQpciM=; b=ldmdXjXcf2DPsKcE2hmNoJDIg5VwpAhyiUlSUI7bMfU6RKa8D5szTCnEfCSjFSULKQ 6dV/RuMHHSyJP/9T8JCWGiclm3jcv3nE7cWgpm4s9E71BBgmj2SHuZ5R+HgrjJc2DLfl 9TmA4GSWlq4D2Opse8jiksQON4UXnXneg/8s9vwc8JB2bLK4bvgHQoO1+h9vjvXiosmW 0J+6PAk7o2anpW4kafad59PwREx4nsJ+FKqFVzHji9ePcbaRHf7X+QFqKV/qb2KnjZKw DzNOTsPllKh7C9PmDnQxZQv+la6cgm0fVzLAPAjCU3DDJuDvIZkLTSDk0iflbkqUI4LK BSdQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=JLPuo2OVxed6SkGZsCOFYnhf0veQ4fefMur2lkQpciM=; b=ISLQzA2cTnr+Nif7kEAcxP7CMteU8Bo8fkoQohgX0ZVR9yz9X6o9cLHL60s4LDMLBY IQAgACI7kdSR+/qGlJiyQDiSH9i+wrKdN7puLO6LHYPEWJCdsI0wiJIPDRcWZ4MMcVr8 ix/HobeOjLVhi0Hh1JifQsyx692ggAHUmheNmAd9sAVw53kRek9UfK3UpdMdRhkbhusO c182vr/j3/CJ9UWI0y/9AHIX6ivoKOGqgmRNVztTk1z1Us5pLyri6kBD5+1lI4gK700r rsgXp9zqaGbea0QLQi2DParF/T4DXQbbsuZSU49S3ED0pAGkr5nw3NONrEvHpSLtuzGl BV8g==
X-Gm-Message-State: APjAAAVoPaXVzlgwsodXxhN5q32Fj7BwGPDJbejTHDlV5BBgHti29jIg /NG+qA0KFWLqjigadcwCQ9o=
X-Google-Smtp-Source: APXvYqw1erdgq9mZ0LM3FxbCjrIMTtsCaBjfm+74+b0MWItfoJJcdhdbvDlL3ZEczBQdHorBKviZ7g==
X-Received: by 2002:a63:7358:: with SMTP id d24mr27355311pgn.224.1563202222445; Mon, 15 Jul 2019 07:50:22 -0700 (PDT)
Received: from ?IPv6:2605:a601:a990:4d00:c449:d519:8ae0:afe7? ([2605:a601:a990:4d00:c449:d519:8ae0:afe7]) by smtp.gmail.com with ESMTPSA id p19sm21872629pfn.99.2019.07.15.07.50.20 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 15 Jul 2019 07:50:21 -0700 (PDT)
From: Bret Jordan <jordan.ietf@gmail.com>
Message-Id: <B0DB25BD-9187-410E-8561-4A35422F3591@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_8E2B2E27-5B60-40A3-9A94-FAF44A31223A"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Mon, 15 Jul 2019 08:50:18 -0600
In-Reply-To: <CAHbuEH4E2Q6WhCpHvbwBqLQFFusXp0Rp6ozuaW4twN6=mBd5Hw@mail.gmail.com>
Cc: Eliot Lear <lear@cisco.com>, smart@irtf.org, Eric Rescorla <ekr@rtfm.com>, Dominique Lazanski <dml@lastpresslabel.com>, IETF SecDispatch <Secdispatch@ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
References: <0A8948DB-F97C-4F68-9173-7E627FB5019C@lastpresslabel.com> <4B10655B-8753-4B10-ACC9-16D7F78AD9F9@gmail.com> <CAMm+Lwh3KW6ZBbMktwmLcKyY8=_ysLYJF_7MsAuiOat6baQ=Kg@mail.gmail.com> <B551EF79-7E6E-4C4E-ADCA-6538F7972222@gmail.com> <CAMm+Lwg+2RFiXK43nJv7pD3OgM8y=ziVYxBkXD3F2kJyz37SxQ@mail.gmail.com> <50E59504-CA00-4792-AA72-FC08051E2486@gmail.com> <CAHbuEH5WUv-a4nKt5YAZosO-vE773Jh3xn1+-hA=4J7RBERc3g@mail.gmail.com> <78ccb680-9ccb-f13f-0442-02833cc7cc92@cs.tcd.ie> <CABcZeBNwmitpkJn0fCbNHOJtJ25yXdk6i6U9wK0a-9hwK1Tqcw@mail.gmail.com> <D484DBE1-8136-42C6-882C-307DC48E06DE@cisco.com> <CABcZeBPrhs+UmWgEu7M8g_6j3+Yzp0+wkz0_OTtvnuUmCUFwSw@mail.gmail.com> <F17D1910-38B1-4919-8C67-E8902C155099@cisco.com> <CAHbuEH4E2Q6WhCpHvbwBqLQFFusXp0Rp6ozuaW4twN6=mBd5Hw@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <https://mailarchive.ietf.org/arch/msg/smart/Au3cVN5J3rPDL49xwbMYSRCCCbo>
Subject: Re: [Smart] [Secdispatch] New Version Notification for draft-lazanski-smart-users-internet-00.txt
X-BeenThere: smart@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Stopping Malware And Researching Threats <smart.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/smart>, <mailto:smart-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/smart/>
List-Post: <mailto:smart@irtf.org>
List-Help: <mailto:smart-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/smart>, <mailto:smart-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jul 2019 14:50:25 -0000

Kathleen,


> I do think there is work for the IRTF as well and would like to see that encouraged.  The shift to strong encryption is good, but upends the current security management models for many.

This is one of the points I made during my talk at RSA.  These technologies by themselves, are all really great.  The problem comes is when you start using all of them together.  To the naive comment earlier that this is about vendors trying to sell product, no, this is about network and cyber defenders and SoC analysts trying to do their job. There are things like regulatory compliance that organizations and enterprises are required to follow. Some times I feel like we are so worried about one piece of the security pie, that we completely neglect the others. 

Here in the IETF everyone needs to better understand how SoC analysts and network/cyber defenders do their jobs, what they are asked to do, and what tools are available to them. 

Bret