Two thoughts.

On the one hand, Ned is absolutely correct: the thing we want to make absolutely sure of is the integrity of the object. The way of doing that is making sure the object itself can prove its integrity. In the messaging world, we do this with S/MIME. The use of TLS for SMTP or IMAP does not convey any integrity assertions for the object. Note this object should be signed by me when you receive it, by the way.

On the other hand, while TLS is not at all sufficient for the integrity of the object, it is necessary to protect the individual accessing the object. There are a number of countries where asking for the RFCs relating to privacy, security, and threats to such too many times could get you arrested. Likewise, the presumption is the object might be signed, but it would be insane and useless to encrypt the object. However, there are many, many times one would want the object encrypted, even if only to compress it.

Given that, the question should not be, "Why are we using TLS if the object is not private?" but "Why are we not using secure connections for all IETF access, over any modality?" One of the answers seems to be, "Because it sucks." That is the sentiment of the message below. So we are eating our dog food, and we are getting indigestion. Sounds like an opportunity to fix it!

-- 
- Eric

On Aug 26, 2011, at 3:32 PM, Melinda Shore wrote:

> On 08/26/2011 11:22 AM, Adam Novak wrote:
>> For what reasons? Is it that things scheduled every year or every ten
>> years are easy for admins to miss? Or is it that it's hard to stay on
>> top of certificate revocations when they occur?
>
> Firewall researchers have found at least one error of some sort in
> 99% (yes, really) of the firewall rulesets they've examined. If
> I had to guess how many PKI deployments have problems, I'd put it in
> the same ballpark. They seem to fall into several broad categories:
> 1) naming (including SANs), 2) expiration, 3) faulty trust
> establishment. These may or may not be fixable, but what doesn't
> appear to be fixable is that too many people don't really understand
> what certificates represent, the difference between a certificate and
> a key, or what it means to TLS-protect traffic.
>
> Listen to Ned, Adam. He's right.
>
> Melinda
> _______________________________________________
> Ietf mailing list
> Ietf@xxxxxxxx
> https://www.ietf.org/mailman/listinfo/ietf
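Melinda's three failure classes, as an added illustration that is not part of this thread or of any IETF code: the Go check below (assumed names mustCert and Classify) runs the path validation a TLS client performs and reports whether a failure is a naming, expiration, or trust problem. The certificates are constructed in-process as test data, not real IETF certificates.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"math/big"
	"time"
)

// The three broad PKI failure classes named in the thread, plus OK.
const (
	OK         = "ok"
	Naming     = "naming (hostname not covered by the SANs)"
	Expiration = "expiration (outside the validity window)"
	Trust      = "faulty trust establishment (no path to a trusted root)"
)

// mustCert builds a self-signed certificate: constructed test data for this example, not a real IETF cert.
func mustCert(sans []string, notBefore, notAfter time.Time) *x509.Certificate {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // crypto/rand does not fail on supported platforms
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: sans, NotBefore: notBefore, NotAfter: notAfter}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert
}

// Classify runs the path validation a TLS client performs (name, validity window, chain to a root) and names the failure class.
func Classify(cert *x509.Certificate, host string, roots *x509.CertPool, now time.Time) string {
	_, err := cert.Verify(x509.VerifyOptions{DNSName: host, Roots: roots, CurrentTime: now})
	switch e := err.(type) {
	case nil:
		return OK
	case x509.HostnameError:
		return Naming
	case x509.CertificateInvalidError:
		if e.Reason == x509.Expired { // covers both not-yet-valid and expired
			return Expiration
		}
	case x509.UnknownAuthorityError:
		return Trust
	}
	return "other: " + err.Error() // anything else is surfaced verbatim
}
```

Adding the certificate itself to the root pool makes it its own trust anchor, so removing it from the pool is what produces the trust-establishment failure.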