Re: Security for various IETF services

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


--On Thursday, April 03, 2014 17:44 -0700
ned+ietf@xxxxxxxxxxxxxxxxx wrote:

>...
>> * authenticity and integrity of data coming from the IETF
>> site;
> 
> Your problem here is people get IETF data from many sources
> besides the IETF site. Indeed, alternative data stores may
> provide access alternatives for those concerned about being
> seen accessing IETF data in the obvious way.
> 
> As a result I don't see how transport security offers a
> meaningful solution here. We should instead be looking at
> various signature mechanisms.

Concur.  

If we think there is a real threat and problem that needs to be
solved in this area, we should see documents signed at the time
of posting and those signatures either made part of them or made
readily, easily, and obviously accessible along with any tools
needed to apply them.  We should also be sure that careful
questions are asked the relationship between signatures (or
other integrity-assurance) methods and the current IPR policies
allowing duplicates (should we require that the signatures be
preserved or explicit pointers to the authoritative, signed,
copies be provided?) and the RFC Editor's plans about multiple
output formats (e.g., is an integrity check over the XML file
adequate if there is no guarantee the that file recipient can
generate the user-accessible version?) and that answers
evaluated by experts.  Those are mostly technical issues --the
stuff we supposedly do well-- and need not be carried out on
this list, just competently reported to it.

More generally, I think the conclusion from Brian's remarks and
those of several others is that what is really needed here is a
serious analysis of what threats actually exist and whether we
care about them.   In the absence of a clear statement and
understanding of a problem and explanation of how a particular
technique will significantly mitigate it, these "we have a
technique, should we apply it" questions are, IMO, fairly
meaningless and a very bad example of the kind of engineering
the IETF should be advocating and demonstrating.

Back to trying to get substantive work done.
 
   john
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]