"John" == John C Klensin <john-ietf(_at_)jck(_dot_)com> writes:
John> Scott, I'll leave it to you, Ted, and your IESG colleagues
John> to figure out what priority this has, but it seems to me
John> that this topic is, at some point, worth some serious
John> discussion. If the security community has really concluded
John> that authentication without encryption is no longer
John> acceptable --and it certainly sounds that way from the
John> discussions of the last week, put into context by
John> Christian's explanation-- then we have a task in front of us
John> to start upgrading or deprecating almost every application
John> protocol we have, back to and including Telnet.
I think most of the application protocols are already upgraded
including Telnet. Certainly, LDAP, IMAP, SMTP, XMPP, POP, FTP all work
reasonably well and support binding of authentication to encryption.
I've deployed all of these with the exception of POP in what I believe
to be a secure manner. SIP and related protocols are also securely
designed but for a variety of reasons take a different approach than
most of the applications protocols.
I agree this is an important topic to discuss. My personal guess is
that we're doing a fairly good job of protocol design, but that the
deployment of security still lags behind. CRAM-MD5 is in fact widely
deployed. There are some real problems that make DIGEST-MD5 and
CRAM-MD5 hard to deploy; this is true for things even more secure than
DIGEST-MD5 as well. I think we're at a point today where we can
describe the problem to people and tell them they should be using
mechanisms that bind authentication to integrity protection. However
until the security community gets done with a more compelling case for
some of the deployment issues and until vendors actually
implement this, I don't think we can go for the sort of mass
deprecation that your mail might contemplate.
Also, I deeply regret the fact that my earlier mail came across as a
personal assertion. I was (and still am) hurried and trying to dig
myself out from under a huge mail backlog. I wish that I had a chance
to write something more useful.
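The message above argues for "mechanisms that bind authentication to integrity protection" and names CRAM-MD5 as widely deployed. The following is an added illustration, not code from this thread or from any IETF specification, of what that binding buys. It implements RFC 2195 CRAM-MD5 (HMAC-MD5 over the server challenge, keyed by the password) and then a simplified channel-bound variant that mixes a per-channel value into the MAC; that variant is a stand-in for real mechanisms such as SCRAM with the tls-unique channel binding and is not itself a standard mechanism. The credentials, challenge format and channel-binding values are constructed for the example. An active attacker who can terminate the client's TLS session and open its own session to the server can relay an unbound CRAM-MD5 exchange and end up authenticated; once the response is bound to the client's channel, the same relay fails on the attacker's channel.

```python
import hashlib
import hmac
import secrets

# Constructed sample credential for the illustration (not a real account).
USER = "alice"
PASSWORD = b"correct horse battery staple"


def cram_md5_response(password: bytes, challenge: bytes, channel_binding: bytes = b"") -> str:
    """RFC 2195 CRAM-MD5: hex(HMAC-MD5(password, challenge)).

    channel_binding is this illustration's addition, not part of RFC 2195:
    when non-empty it is appended to the MAC input, so the response only
    verifies on the channel whose binding value the client used (the same
    idea as SCRAM with tls-unique). An empty value is plain CRAM-MD5.
    """
    return hmac.new(password, challenge + channel_binding, hashlib.md5).hexdigest()


class Server:
    """Verifier side. Holds the user's password, since CRAM-MD5 needs the
    password (or an equivalent HMAC context) on the server."""

    def __init__(self, users: dict, require_binding: bool):
        self.users = users
        self.require_binding = require_binding
        self.pending = {}  # connection id -> outstanding challenge

    def challenge(self, conn_id: str) -> bytes:
        # Fresh, unpredictable challenge in the RFC 2195 msg-id style.
        nonce = f"<{secrets.token_hex(8)}@mail.example>".encode()
        self.pending[conn_id] = nonce
        return nonce

    def verify(self, conn_id: str, user: str, response: str, conn_binding: bytes) -> bool:
        nonce = self.pending.pop(conn_id)
        cb = conn_binding if self.require_binding else b""
        expected = cram_md5_response(self.users[user], nonce, cb)
        return hmac.compare_digest(expected, response)


def honest_login(require_binding: bool) -> bool:
    """Client speaks directly to the server over one TLS session, so both
    ends derive the same channel binding value."""
    server = Server({USER: PASSWORD}, require_binding)
    tls_unique = secrets.token_bytes(12)  # stands in for the session's Finished-derived value
    chal = server.challenge("c1")
    resp = cram_md5_response(PASSWORD, chal, tls_unique if require_binding else b"")
    return server.verify("c1", USER, resp, tls_unique)


def relay_attack(require_binding: bool) -> bool:
    """Active attacker terminates the client's TLS session and opens its own
    session to the server, relaying the CRAM-MD5 exchange unchanged.
    Returns True if the attacker's connection ends up authenticated as USER."""
    server = Server({USER: PASSWORD}, require_binding)
    cb_client_to_attacker = secrets.token_bytes(12)  # the client's session
    cb_attacker_to_server = secrets.token_bytes(12)  # the attacker's session

    # 1. The server challenges the attacker's connection.
    chal = server.challenge("attacker")
    # 2. The attacker forwards the challenge; the real client answers using
    #    the binding value of the only channel it can see.
    resp = cram_md5_response(PASSWORD, chal, cb_client_to_attacker if require_binding else b"")
    # 3. The attacker replays the client's answer on its own connection.
    #    Unbound: password never crossed the wire, yet the attacker is in.
    #    Bound: the two channels have different binding values, so it fails.
    return server.verify("attacker", USER, resp, cb_attacker_to_server)


if __name__ == "__main__":
    print("honest, unbound :", honest_login(False))
    print("honest, bound   :", honest_login(True))
    print("relay, unbound  :", relay_attack(False))
    print("relay, bound    :", relay_attack(True))
```

The point the model makes is the one the message makes: CRAM-MD5 keeps the password off the wire, but it says nothing about who is on the other end of the connection that gets authenticated. Binding the response to the channel (and running that channel under TLS with proper server authentication) is what turns "authentication" into "this encrypted channel is the one the user authenticated".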