IETF Logo Mail Archive

Re: [tsvwg] [saag] Comments on draft-ietf-tsvwg-transport-encrypt-08.txt

"Martin Thomson" <mt@lowentropy.net> Thu, 07 November 2019 02:15 UTC

Return-Path: <mt@lowentropy.net>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F03F71200C3; Wed, 6 Nov 2019 18:15:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=rNa+IsA0; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=F9SFHs1R
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qv9EzPl_gTNF; Wed, 6 Nov 2019 18:15:29 -0800 (PST)
Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com [64.147.123.21]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5164E12008F; Wed, 6 Nov 2019 18:15:29 -0800 (PST)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.west.internal (Postfix) with ESMTP id 85BA64CD; Wed, 6 Nov 2019 21:15:28 -0500 (EST)
Received: from imap2 ([10.202.2.52]) by compute1.internal (MEProxy); Wed, 06 Nov 2019 21:15:28 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:in-reply-to:references:date:from:to :cc:subject:content-type:content-transfer-encoding; s=fm3; bh=yD CIi5UNyY922++dP2q36DzvDCigWVjRJDeYWsn0bGc=; b=rNa+IsA0B35YDsPXf3 Xv7uhi4W/aAAlgDpHYPkXDv7cZ+HeagK8tkgAMF2zLvi+mWENqc2Bq7JbKI3gkhX uFfBADVSwc1AMMmtIT9mZqnw++9lKl46O8bp89acuGkQEviQ8e+V9PMcibnqAauo LoCSjqfCFK16fchNHV7bmsi4R0mak/IjhHPgZbK9t/kaJ3tQLWbU4l4ETYEaef5F O77s4DfGp3dKc+UiXaXyd48xq1NeO+LIgGj8eN0TX87m+aDxGnVo+wwIquPKdgPG KtYNdL7D4SWdI/NhTLwAM03H8nSbY3FK2rdSv0+wxW/qbvfUc/mcIDt8MfsAjl/t j+YQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; bh=yDCIi5UNyY922++dP2q36DzvDCigWVjRJDeYWsn0b Gc=; b=F9SFHs1RwcnP8aNFLOZsq4cACSzESWN5ajKLi5oCUkw/GuNCR7CuF776V iCaAjV9tzVvOtO6qB5zHijau8Sf7fDL+ew6/5zHFhVH82VtUx6bgN6f5iPS4DxFr 5WpaE97ORsLzWqqtwd/2O4DIQYkViMvcXpZvoi++UWaLl+84d04r0hN1i2rOYpGc 6i1Xm7sMew1wYkToRWHs5nK2tKy9HD2Fi1b836EjcUhMI7Dz6EMNkMXuK9a4vhon yTKX9FLr89TGkdRZrjVSssf8IGsST/Qmfw2rFoNk6uhDkC6qZWmbJNI+zS5/NhVG 5vc1oIent1GFUjVGyfsf0106cQARg==
X-ME-Sender: <xms:Pn7DXeOZiyUhuBgn1cPFQ7bYOfrI7OSHaULBt1928BWx_gy67beAqw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedufedruddukedggeefucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepofgfggfkjghffffhvffutgfgsehtqhertderreejnecuhfhrohhmpedfofgr rhhtihhnucfvhhhomhhsohhnfdcuoehmtheslhhofigvnhhtrhhophihrdhnvghtqeenuc frrghrrghmpehmrghilhhfrhhomhepmhhtsehlohifvghnthhrohhphidrnhgvthenucev lhhushhtvghrufhiiigvpedt
X-ME-Proxy: <xmx:Pn7DXTzqGrRCq1WHN7MKCxBhLjeXjJyPTadLhFaXjiuNXUZskELNLg> <xmx:Pn7DXWeXUmV_FpCZG91Ys9Sxne48XcB2sDvRyZTGombbqpt7Wa3jfg> <xmx:Pn7DXcdbO1HVy1WI1JrpbVzpX9_m6CB5pIn2_ybdOhKv3woIrvd2Ig> <xmx:QH7DXaKxM3M8ygi99_bdxZTo_bUBqullxK_CGDpjwXHpoMoFlaOHaA>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id BB0F1E00A3; Wed, 6 Nov 2019 21:15:26 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.1.7-509-ge3ec61c-fmstable-20191030v1
Mime-Version: 1.0
Message-Id: <8dd558db-6f22-487f-a714-9f0ba71e74dc@www.fastmail.com>
In-Reply-To: <54B33418-28D8-4176-A2EE-29FF27E5CE44@csperkins.org>
References: <67CE4313-A4C2-4CC7-972E-CB465D47B7FE@ericsson.com> <998B7C3E-54D8-40AC-BF91-901390CF70C5@strayalpha.com> <CAPDSy+5rvaXgEGZ7_V4pRdmBss7Hf1XmaGbiXGZceQu9hjjRTQ@mail.gmail.com> <118e630a-3f04-4aa9-8c1f-8083194865e4@www.fastmail.com> <9EC2E60F-6044-4135-A802-1665028E6075@ericsson.com> <54B33418-28D8-4176-A2EE-29FF27E5CE44@csperkins.org>
Date: Thu, 07 Nov 2019 13:14:15 +1100
From: Martin Thomson <mt@lowentropy.net>
To: Colin Perkins <csp@csperkins.org>, Mirja Kuehlewind <mirja.kuehlewind=40ericsson.com@dmarc.ietf.org>
Cc: tsvwg IETF list <tsvwg@ietf.org>, "saag@ietf.org" <saag@ietf.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/NYbqY4FR87qhgaVOxAEnu86-HF4>
Subject: Re: [tsvwg] [saag] Comments on draft-ietf-tsvwg-transport-encrypt-08.txt
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Nov 2019 02:15:32 -0000

On Wed, Nov 6, 2019, at 20:58, Colin Perkins wrote:
> It certainly wasn’t my intent with this draft to say that all these 
> practices should be kept; rather to stimulate the discussion about what 
> should be preserved, what it’s necessary to find alternatives for; etc. 
> If this doesn’t come across clearly in the draft. we should fix it.

Thanks Colin,

I didn't start with that expectation and the introduction does a fine job of setting this out.  However the draft makes some very strong statements in the conclusion and - in a few places - the body that leave very little room for interpretation.

I'm happy to help identify specific cases, but it seemed to be fairly consistent throughout.  For the bulk of the document, perhaps the right thing to do is take another pass with a critical eye.  I don't know what to do about the conclusions section though.

I just want to say that while I appreciate the effort taken to document techniques, I'm not entirely convinced that it is the only way forward.  Discussion of existing practice can distract from the underlying needs.

To take the example of capacity planning, I had a great conversation about 18 months ago with Lee Howard about what that might look like in the presence of more opaque data flows between endpoints.  I don't think that we reached a specific conclusion, but it was refreshing to talk about the actual problem and not get bogged down in the detail of specific techniques.  Though the discussion touched on many existing and potential methods, our focus never left the important question of what the goals were and how there might be some shared interest in achieving that goal.

Being able to focus on the underlying requirements like that can be hard, but my sense is that this is where we'll need to reach before anything meaningful will happen.  I have to confess, despite enduring the spin bit debate, I find the fact that I have still trouble articulating exactly what requirements that mechanism addresses to be concerning.

v2.23.0 | Report a Bug | By Email