Re: [lamps] Recharter Discussion

Phillip Hallam-Baker <phill@hallambaker.com> Thu, 29 June 2017 16:54 UTC

To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Russ Housley <housley@vigilsec.com>, LAMPS <spasm@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/5mjlXwBvPKvzu6sOU31XcFR2r4I>

On Thu, Jun 29, 2017 at 12:47 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:

>
>
> On 29/06/17 16:21, Russ Housley wrote:
> > Do others have an opinion?
>
> The function sounds useful but perhaps better provided
> via an API to a CT log (not sure). The reason I'd wonder
> about that is that it's hard to see what code would
> read this new value and not want more information than
> that. A CT log API could provide more so might be more
> useful (e.g. if an RP could ask "show me your history of
> meta-data related to certs for example.com").
>
> Probably not that relevant, but similar information would
> also exist in passive DNS DBs I guess.
>

There is always a cut off between the standardized parts and the rest.

When I first proposed this, it was for human consumption. What I am
thinking about now is rather more of a hook for likely proprietary AI
systems reading it.

Security is risk mitigation, not risk elimination. Right now we can
eliminate what? 95% of phishing sites with free DV certs by simply
rejecting any certs less than 5 days old.


What we do next with the data is going to be important, but not something
we are going to be able to really work on at all, let alone standardize,
until after we have data.

All I want to do right now is to instrument so we can start collecting data.
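As an added example, not code from this message, the LAMPS list or any IETF draft: a relying-party check that applies the "reject certs less than 5 days old" heuristic above by reading notBefore straight out of a DER certificate's Validity (standard library only). The certificate it inspects is a constructed stand-in built by `sample_cert`, not a CA-issued one, and all function names are assumed.

```python
# Added example (not code from the LAMPS thread): a relying party applying the
# "reject certificates less than 5 days old" heuristic, with stdlib only.
from datetime import datetime, timedelta, timezone

def tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:                                  # long-form length
        n, ln = ln & 0x7F, 0
        for _ in range(n):
            ln, pos = (ln << 8) | buf[pos], pos + 1
    return tag, buf[pos:pos + ln], pos + ln

def asn1_time(tag, value):
    """Decode UTCTime (0x17) or GeneralizedTime (0x18), Zulu form only."""
    s = value.decode("ascii")
    if tag == 0x17:                                # RFC 5280: YY >= 50 means 19YY
        s = ("19" if int(s[:2]) >= 50 else "20") + s
    return datetime.strptime(s, "%Y%m%d%H%M%SZ").replace(tzinfo=timezone.utc)

def not_before(der):
    """Walk Certificate -> tbsCertificate -> validity and return notBefore."""
    _, tbs, _ = tlv(tlv(der, 0)[1], 0)
    tag, _, pos = tlv(tbs, 0)
    if tag != 0xA0:                                # v1 cert: no explicit [0] version
        pos = 0
    for _ in range(3):                             # skip serialNumber, signature, issuer
        _, _, pos = tlv(tbs, pos)
    tag, nb, _ = tlv(tlv(tbs, pos)[1], 0)          # validity's first element
    return asn1_time(tag, nb)

def cert_age_ok(der, now, min_age=timedelta(days=5)):
    """The heuristic from the thread: anything younger than min_age is suspect."""
    return now - not_before(der) >= min_age

def der_enc(tag, body):                            # short-form lengths suffice here
    return bytes([tag, len(body)]) + body

def sample_cert(nb, na):
    """Constructed stand-in certificate carrying only the fields the walker reads."""
    def t(d): return der_enc(0x17, d.strftime("%y%m%d%H%M%SZ").encode())
    tbs = (der_enc(0xA0, der_enc(0x02, b"\x02")) + der_enc(0x02, b"\x01")  # v3, serial
           + der_enc(0x30, der_enc(0x06, b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b"))
           + der_enc(0x30, b"") + der_enc(0x30, t(nb) + t(na))            # issuer, validity
           + der_enc(0x30, b"") + der_enc(0x30, b""))                     # subject, spki
    return der_enc(0x30, der_enc(0x30, tbs) + der_enc(0x30, b"") + der_enc(0x03, b"\x00"))

def demo():
    """Constructed scenario dated to the thread: 2-day-old cert fails, 30-day-old passes."""
    now = datetime(2017, 6, 29, 16, 54, tzinfo=timezone.utc)
    fresh = sample_cert(now - timedelta(days=2), now + timedelta(days=88))
    aged = sample_cert(now - timedelta(days=30), now + timedelta(days=60))
    return {"fresh_ok": cert_age_ok(fresh, now), "aged_ok": cert_age_ok(aged, now),
            "fresh_not_before": not_before(fresh).isoformat()}
```

A minimum-age rule also rejects every legitimately new site during its first days, which is the trade-off the "risk mitigation, not risk elimination" framing accepts; the walker only reaches as far as Validity and does no signature or chain validation.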