[Tools-discuss] Re: [EXTERNAL] Re: Re: Fwd: Brief outage for the RPC infrastructure tomorrow (15May)

Brian E Carpenter <brian.e.carpenter@gmail.com> Fri, 17 May 2024 03:12 UTC

Message-ID: <e8a9c549-d32e-44e0-822f-85405224d7d8@gmail.com>
Date: Fri, 17 May 2024 15:12:40 +1200
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: John Levine <johnl@taugh.com>, tools-discuss@ietf.org
References: <20240517014737.3ED558B5947F@ary.qy>
Content-Language: en-US
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
In-Reply-To: <20240517014737.3ED558B5947F@ary.qy>
List-Id: IETF Tools Discussion <tools-discuss.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tools-discuss/5f71oqjQAraC7FsQ5L2FMxI-sVk>

On 17-May-24 13:47, John Levine wrote:
> It appears that Eric Rescorla <ekr@rtfm.com> said:
>> Retrieving the documents over HTTPS provides both:
>>
>> 1. Confidentiality of which document is retrieved.

Correct, which is a privacy issue. I generally think of that
as distinct from security, when we are dealing with public
documents.


>> 2. Integrity of the document contents (to the level that this is what the
>> server currently believes).
>>
>> FTP provides neither of these.

Well, it provides integrity modulo the TCP checksum, I think. As John
Klensin just pointed out, if we were concerned about this, we'd really
need the RPC to provide signatures.

    Brian


> 
> You're right, and if we had reports of maliciously tampered copies of
> RFCs floating around or a lot of politically sensitive stuff in RFCs,
> I would be more concerned.
> 
> We have better ways to transfer documents including rsync and https,
> and it is fine to encourage people to use them, but in a world where
> there have been unsigned copies of RFCs floating around for 50 years,
> FTP tampering has to be rather low on my list of things to worry
> about.
> 
> I would be more concerned about the effort needed by the RPC to keep
> the FTP server going, but if their FTP server is like my FTP server,
> looking at the same files the rsync and https servers do, the extra
> cost of FTP rounds to zero.
> 
> R's,
> John
> 
> PS: On the other hand, the Googlebot got stuck in my FTP server a few
> weeks ago and was hammering on it several times a second listing the
> same empty directory, which was just strange.
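
An added illustration of the integrity point discussed in this message (not part of the original email): the 16-bit Internet checksum that TCP uses (RFC 1071) catches a flipped bit but not two 16-bit words changing places, while a SHA-256 digest, standing in here for the check a signature verification would perform, catches both. The sample text and helper names are constructed for the example, and the checksum is computed over the payload only, omitting the TCP header and pseudo-header.

```python
import hashlib

# Constructed sample payload; "10" and "20" both sit on 16-bit word boundaries.
SAMPLE = b"max=10, min=20\n"


def internet_checksum(data: bytes) -> int:
    """RFC 1071 ones' complement sum of 16-bit words (payload only)."""
    if len(data) % 2:
        data += b"\x00"          # pad odd-length input with a zero byte
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:           # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def swap_words(data: bytes, i: int, j: int) -> bytes:
    """Return a copy of data with the 16-bit words at indexes i and j exchanged."""
    buf = bytearray(data)
    first, second = data[2 * i:2 * i + 2], data[2 * j:2 * j + 2]
    buf[2 * i:2 * i + 2] = second
    buf[2 * j:2 * j + 2] = first
    return bytes(buf)


def compare(original: bytes, received: bytes) -> dict:
    """Report which integrity checks consider the two byte strings identical."""
    return {
        "checksum_match": internet_checksum(original) == internet_checksum(received),
        "sha256_match": hashlib.sha256(original).digest()
        == hashlib.sha256(received).digest(),
    }


if __name__ == "__main__":
    reordered = swap_words(SAMPLE, 2, 6)             # content changes, sum does not
    bit_flip = bytes([SAMPLE[0] ^ 0x01]) + SAMPLE[1:]
    print(reordered, compare(SAMPLE, reordered))
    print(bit_flip, compare(SAMPLE, bit_flip))
```

A digest only helps if the reference value reaches the reader over a channel that is itself authenticated, which is what a publisher signature would provide.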