Re: [yam] [secdir] secdir review of draft-ietf-yam-rfc1652bis-03

Alessandro Vesely <vesely@tana.it> Mon, 08 March 2010 09:10 UTC

Return-Path: <vesely@tana.it>
X-Original-To: yam@core3.amsl.com
Delivered-To: yam@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CE9853A67B1 for <yam@core3.amsl.com>; Mon, 8 Mar 2010 01:10:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.672
X-Spam-Level:
X-Spam-Status: No, score=-4.672 tagged_above=-999 required=5 tests=[AWL=0.047, BAYES_00=-2.599, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1o0PWXVSkLZj for <yam@core3.amsl.com>; Mon, 8 Mar 2010 01:10:20 -0800 (PST)
Received: from wmail.tana.it (www.tana.it [62.94.243.226]) by core3.amsl.com (Postfix) with ESMTP id 2E1493A67A1 for <yam@ietf.org>; Mon, 8 Mar 2010 01:10:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tana.it; s=test; t=1268039422; bh=8/RHMeDtBvSFHk1U5pEM5ccksX4LRfWsypZ5sOgTrrU=; l=379; h=Message-ID:Date:From:MIME-Version:To:References:In-Reply-To: Content-Transfer-Encoding; b=aQ6mQm3w+o9mlUWMWnfmKsBhXI2ZrtAOPY4GqG7d74wjDBnCUybzgHx8PGKWCAy7a ZizKepINDCMiEklpj2oezZ2U401SZWBgv53+pWT4zpv0RFC83X+woAO3i90Cz5OW1U 1Dgi9+fh1wm0kOrnWZcipVCrs6tyrqktwrvYpD6U=
Received: from [172.25.197.158] (pcale.tana [172.25.197.158]) (AUTH: CRAM-MD5 515, TLS: TLS1.0,256bits,RSA_AES_256_CBC_SHA1) by wmail.tana.it with ESMTPSA; Mon, 08 Mar 2010 10:10:22 +0100 id 00000000005DC02F.000000004B94BEFE.00005C42
Message-ID: <4B94BF00.2030603@tana.it>
Date: Mon, 08 Mar 2010 10:10:24 +0100
From: Alessandro Vesely <vesely@tana.it>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.8) Gecko/20100227 Thunderbird/3.0.3
MIME-Version: 1.0
To: yam@ietf.org
References: <4B8E515A.6060608@isode.com> <6.2.5.6.2.20100303103218.0ba092a0@resistor.net> <4B90ED1C.8040905@tana.it> <6.2.5.6.2.20100305051249.09f24f38@resistor.net> <4B923E1E.4070201@tana.it> <6.2.5.6.2.20100306054559.08fe2908@resistor.net> <4B92DEBC.9030209@dcrocker.net> <4B939BBC.6040102@isode.com> <01NKGR6SSL4G00DRKJ@mauve.mrochek.com>
In-Reply-To: <01NKGR6SSL4G00DRKJ@mauve.mrochek.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [yam] [secdir] secdir review of draft-ietf-yam-rfc1652bis-03
X-BeenThere: yam@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Yet Another Mail working group discussion list <yam.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/yam>, <mailto:yam-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/yam>
List-Post: <mailto:yam@ietf.org>
List-Help: <mailto:yam-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/yam>, <mailto:yam-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Mar 2010 09:10:21 -0000

On 07/Mar/10 19:40, Ned Freed wrote:
>> Dave CROCKER wrote:
>> >
>> > since it does transfer a nearly-binary object, there is some
>> > possibility that is could facilitate exploitations of this type.
>
> I have to strongly object to adding this, because this is quite simply at odds with reality.

+1, detaching from real weakens the "Security Considerations" channel.