Hi Card, I don’t disagree with you. My point was that it’s better to discuss scenarios involving physical actions with devices in a separate subsection in the Security Considerations section. Just because they are very different from security point of view. And it will also be helpful if you make your reasoning explicit. Regards, Valery. From: Card, Stu [mailto:stu.card@xxxxxxxxxxxxxxxx] Valery -- Thanks for the review! As you have already seen from the preliminary responses, we are collectively working on addressing all your points. Here, I would like to address just one, from a different perspective. So below I will snip your mail down to just that one point. We included, in the Security Considerations section, the idea of a large malicious UA carrying a small and seemingly harmless UA as a false flag. We did not put this idea in there because we felt that mitigating such vulnerabilities was in scope of IETF. We put it there to forestall some of the discussion that would otherwise ensue about protecting private keys that could be used for spoofing. As a device (small UA) containing a private key can be physically carried by another device (large UA), there is no way clever key distribution/management/protection can prevent one device spoofing generally as another such readily available device. This is quite distinct from preventing a device from spoofing as a _specific_ other device: with DRIP, Carol's UA cannot successfully pretend to be Bob's UA. Your review suggests, to me, that we should make the above reasoning explicit in the draft. On Wed, Mar 30, 2022 at 9:51 AM Valery Smyslov via Datatracker <noreply@xxxxxxxx> wrote:
|
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call