Re: [saag] Last Call: <draft-dukhovni-opportunistic-security-01.txt> (Opportunistic Security: some protection most of the time) to Informational RFC

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Aug 05, 2014 at 06:14:19PM +0000, Viktor Dukhovni wrote:
> On Tue, Aug 05, 2014 at 11:43:02AM -0400, Stephen Kent wrote:
> > The bottom line is that a primary
> > motivation for OS is a desire to remove barriers to the use of encryption,
> 
> More strongly:
> 
>     * Yes at least encrypt when possible, but more generally,
>     * Avoid needlessly weak options, and finally,
>     * Strive for stronger security than just unauthenticated encryption,
>       with any peer for which this is possible.

Yes.

To be more specific OS must not preclude things like DANE that can be
opportunistic and provide strong authentication.

It's worth mentioning DNSSEC/DANE because a lot of concerns I've seen
stated about OS (indeed, that I myself have stated) go away when one
considers the use of DNSSEC for learning how to authenticate a service.

(Or, perhaps, such concerns get transmutated into concerns about the
lack of compromised/adversarial parent zone MITM detection in DNSSEC.)

> Do no forget that during the saag discussion that preceded this
> draft, this was one of the main differences between our views, and
> that I do not subscribe to the view that opportunistic security is
> a narrow response to PM or that it should be limited to promoting
> just unauthenticated encryption.

More than that: why should OS stop there?

> > and removing the need for authentication based on certificates is a good way
> > to do this.
> 
> Not "removing", rather "not requiring".  We lower the floor,
> but not the ceiling of the range of acceptable protections.

More +1.

And, really, +1 to the rest of Viktor's response.

Nico
-- 





[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]