[Tools-discuss] Re: [EXTERNAL] Re: Re: Fwd: Brief outage for the RPC infrastructure tomorrow (15May)

Eric Rescorla <ekr@rtfm.com> Fri, 17 May 2024 03:35 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tools-discuss@ietfa.amsl.com
Delivered-To: tools-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 00131C18DA19 for <tools-discuss@ietfa.amsl.com>; Thu, 16 May 2024 20:35:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.893
X-Spam-Level:
X-Spam-Status: No, score=-1.893 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sl5D6GddPvsT for <tools-discuss@ietfa.amsl.com>; Thu, 16 May 2024 20:35:42 -0700 (PDT)
Received: from mail-yw1-x1131.google.com (mail-yw1-x1131.google.com [IPv6:2607:f8b0:4864:20::1131]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 16E30C14F6FD for <tools-discuss@ietf.org>; Thu, 16 May 2024 20:35:42 -0700 (PDT)
Received: by mail-yw1-x1131.google.com with SMTP id 00721157ae682-61bed738438so90051347b3.2 for <tools-discuss@ietf.org>; Thu, 16 May 2024 20:35:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20230601.gappssmtp.com; s=20230601; t=1715916941; x=1716521741; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=sXnDdkAD4293q3/HrgxgC7r6kvdcYa8dumSNpkMS84c=; b=oaCTy69xPwcCa14u96RiprB+1mJIa9CAxaMsgodBghXs56qwVqQyLdZeAWG+7YE0f/ nXBLotML5twGcdAT8wgyfpKrLx1/RYgnvH6QCop/FDsgF7F8iSLVzS1wsyXxk6eIvf6s Mvfb6DIQAJcsKzeTqgv5JvReGpbqvJD5UuNSMryAAQCI8IkBNU5vIwS6ucmBtA6+DmnY ssEdDHIlErGNQKtIns/2zIebquDCtoHoTt6f40os1YwT+yWKUUWKt0dQM93XU1RnQJSe fZiO0k74A/3jNY8TcdHOABrwtQb+vOq+8UOI61viV4GJOA0su0DN1tzR2D5R0U7t12ho RVtQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715916941; x=1716521741; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=sXnDdkAD4293q3/HrgxgC7r6kvdcYa8dumSNpkMS84c=; b=egR4phkUV1glz4WXqiLi+4aD5gDDJnEeETKiWpT8H53YkQODbpsxMVHbFHMYG780hO wWFYzXa4+FzDTyl/fjEQ9J2XPP1U5mHD2NLo5nR5gtV2nKaCnxs4Z/Bv4as8mKX+c1KD Dxgc1Lz87wl8ltJJgTsh28v8cAAHOQOBxfkYTTLq9ZJLuGrk4X5pBfTR06y4N5w4VtMK TaHysFCchGcZch4JRoatZU68J7RbHPD+OzSt5tSh2zTfJMZAx+yLFBqMB6dx4jH9j4NH 1Dhx8g6RKhTpN0mx1uLxi7hcaoNWjvq/J2RgU6CvWNyUUQs8u1gFb+oAAz4ekTJOtTl6 HfyQ==
X-Forwarded-Encrypted: i=1; AJvYcCWJODFG9jwigdEwBkl1RXnG3m6ohX86zymR29DNv65tMGYVXd1mmr2gy7nnm+A+V45WAylzW+iTKPuKLPj2OXLVqiCz1q0A
X-Gm-Message-State: AOJu0YxdlK+TYkmvkzL1aK45qhe2q8KVEyLI9diRlF6cTMm+ylFc34a/ uh8CPuskoMUnDZk+J+EDvi81f2PiYBWjqe2dNL8towM093a6Ced17XHpks+TAXIbUPtlZiNkHms HW12p0h/zYJteoIyv2hsRHXir1yRpfKMb2HxXHCfslZNlAz2o
X-Google-Smtp-Source: AGHT+IEtVgd2ha2izdYjlC7mJy4bxewhrpSSEFzkxt+Rl+0PxtAAo9aUWu+aunb5pnBDVRLbN9nAMDlaYIWhjjQsI7k=
X-Received: by 2002:a05:6902:110:b0:de6:b58:fe72 with SMTP id 3f1490d57ef6-dee4f4ed89emr19717113276.58.1715916941110; Thu, 16 May 2024 20:35:41 -0700 (PDT)
MIME-Version: 1.0
References: <20240517014737.3ED558B5947F@ary.qy> <e8a9c549-d32e-44e0-822f-85405224d7d8@gmail.com>
In-Reply-To: <e8a9c549-d32e-44e0-822f-85405224d7d8@gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 16 May 2024 20:35:04 -0700
Message-ID: <CABcZeBNsbexYaH7egXo165iRB1bAaMdZwBvub_B-myo5s1uKNA@mail.gmail.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Content-Type: multipart/alternative; boundary="000000000000bd4f9206189e0bf6"
Message-ID-Hash: I452JPDUPUJRI2XLWB4UDTICWUDD5OLZ
X-Message-ID-Hash: I452JPDUPUJRI2XLWB4UDTICWUDD5OLZ
X-MailFrom: ekr@rtfm.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tools-discuss.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: John Levine <johnl@taugh.com>, tools-discuss@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Tools-discuss] Re: [EXTERNAL] Re: Re: Fwd: Brief outage for the RPC infrastructure tomorrow (15May)
List-Id: IETF Tools Discussion <tools-discuss.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tools-discuss/PchHqNHlbbf4yqbIqFsRnpt2lLs>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tools-discuss>
List-Help: <mailto:tools-discuss-request@ietf.org?subject=help>
List-Owner: <mailto:tools-discuss-owner@ietf.org>
List-Post: <mailto:tools-discuss@ietf.org>
List-Subscribe: <mailto:tools-discuss-join@ietf.org>
List-Unsubscribe: <mailto:tools-discuss-leave@ietf.org>

On Thu, May 16, 2024 at 8:13 PM Brian E Carpenter <
brian.e.carpenter@gmail.com> wrote:

> On 17-May-24 13:47, John Levine wrote:
> > It appears that Eric Rescorla  <ekr@rtfm.com> said:
> >> Retrieving the documents over HTTPS provides both:
> >>
> >> 1. Confidentiality of which document is retrieved.
>
> Correct, which is a privacy issue. I generally think of that
> as distinct from security, when we are dealing with public
> documents.
>

I don't think the line is anywhere near as clear cut as this.
Generally, we just call this property "confidentiality" regardless
of the content being protected.


>> 2. Integrity of the document contents (to the level that this is what the
> >> server currently believes).
> >>
> >> FTP provides neither of these.
>
> Well, it provides integrity modulo the TCP checksum, I think.


TLS provides integrity against active attack on the wire, which the TCP
checksum does not.


As John
> Klensin just pointed out, if we were concerned about this, we'd really
> need the RPC to provide signatures.
>

No, not really. TLS--or other transport security mechanisms protect
data against attack on the wire--but not against attack by the endpoint
server. It's true that signatures would also protect against attack
by the endpoint server, but turn out to be hard to deploy. By contrast,
we've been very successful at deploying transport security. Again,
this argument makes the best the enemy of the good.

In any case, I don't particularly care about whether the RPC has FTP
on and I agree the risk is low, but it's simply not correct to say that
restricting our delivery of RFCs to secure transports has "nothing
to do with security".

-Ekr



>     Brian
>
>
> >
> > You're right, and if we had reports of maliciously tampered copies of
> > RFCs floating around or a lot of politically sensitive stuff in RFCs,
> > I would be more concerned.
> >
> > We have better ways to transfer documents including rsync and https,
> > and it is fine to encourage people to use them, but in a world where
> > there have been unsigned copies of RFCs floating around for 50 years,
> > FTP tampering has to be rather low on my list of things to worry
> > about.
> >
> > I would be more concerned about the effort needed by the RPC to keep
> > the FTP server going, but if their FTP server is like my FTP server,
> > looking at the same files the rsync and https servers do, the extra
> > cost of FTP rounds to zero.
> >
> > R's,
> > John
> >
> > PS: On the other hand, the Googlebot got stuck in my FTP server a few
> > weeks ago and was hammering on it several times a second listing the
> > same empty directory, which was just strange.
> >
> > -----------------------------------------------
> > Tools-discuss mailing list -- tools-discuss@ietf.org
> > To unsubscribe send an email to tools-discuss-leave@ietf.org
> > https://mailarchive.ietf.org/arch/browse/tools-discuss/
>
> -----------------------------------------------
> Tools-discuss mailing list -- tools-discuss@ietf.org
> To unsubscribe send an email to tools-discuss-leave@ietf.org
> https://mailarchive.ietf.org/arch/browse/tools-discuss/