Re: [TLS] TLS@IETF101 Agenda Posted

[nalini elkins <nalini.elkins@e-dco.com>]

Stephen,

More on other points later. I am getting pretty tired as am jet lagged.

>I am just fine with talking openly on the mailing list, as
>per IETF processes. I see no benefit in smokey back room
>discussions here at all, and only downsides to such.

You know, this issue of side or quiet conversations keeps coming up.   Let
me try to clarify what I feel is a misunderstanding.

In other WGs, we talk to each other sometimes in small groups, sometimes
one to one to try to clarify things.  The result ends up in the draft or
the public email list, as appropriate.

There is no question of a smokey back room.

I remember a while back when I had a lengthy disagreement with someone
which kept not getting resolved, someone (actually, Al Morton - dear sweet
guy!) took me by the scruff of the neck and made the two of us sit down
together with him.  In half an hour, we resolved the point and were able to
continue with the draft.  If we had kept throwing things at each other, as
it is easy to do via email, who knows how long the conflict would have
lasted.  I learned a valuable lesson that day.

So, I am not trying to subvert the process as some seem to imply.   Talking
to each other f2f actually seems to me to be one of the points of
journeying quite so far and spending so much money to come to an IETF
meeting.  (Having said that, the "journeying so far part" or plane trip is
catching up with me!   More tomorrow.)

Nalini









On Wed, Mar 14, 2018 at 4:49 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie>;
wrote:

>
>
> On 14/03/18 23:32, nalini elkins wrote:
> > But, it is a very difficult issue.   If I can use a different analogy, if
> > the City of Monterey built a new sewer system and told me that to connect
> > to it, I had to build a new house, I would scream!
>
> Analogies cannot be used to draw conclusions, merely to illustrate.
> That analogy doesn't help illustrate anything for me fwiw.
>
> > TLS is used in many, many places.  The Internet is critical to the
> > businesses of the world.
>
> Yes. Both fine reasons to not mess about with, weaken or
> try break the TLS protocol.
>
> BTW - while you and others may constantly over-claim and
> say your consortium represents "enterprises," I assume you
> do not claim to represent all "business." ;-)
>
> >  You can't just say use something other than
> > TLS.
>
> Yes. I can. Kerberos and IPsec are used within many enterprise
> networks. TLS is not the only tool in the toolbox.
>
> If your consortium want a multi-party security protocol that
> does not affect other folks' security as you seem to claim,
> then that is the obvious route to explore. And that protocol
> needs to be non-interoperable with TLS (maybe even non-confusable
> in some stronger sense) IMO in order to avoid the risks that
> breaking TLS would result in us all taking.
>
> > Or don't use the Internet.  It's not so easy.
>
> I never said that. Why invent something like that?
>
> > I wish we could actually talk to each other quietly and reasonably.  This
> > is a very, very difficult problem.
>
> I am just fine with talking openly on the mailing list, as
> per IETF processes. I see no benefit in smokey back room
> discussions here at all, and only downsides to such.
>
> S.
>
>
>


-- 
Thanks,
Nalini Elkins
President
Enterprise Data Center Operators
www.e-dco.com