Re: Client and server authentication for email

--On Sunday, June 12, 2005 4:08 PM -0400 Keith Moore<moore(_at_)cs(_dot_)utk(_dot_)edu> wrote:

 I think this begs the question of whether currently known
 and   deployable security technologies are actually
adequate to the task   of securing our networks and
networked protocols.


well, yes, it quite explicitly begs to have such questions
discussed, but in their own forum and before Last Call for
functions that use them, rather than after.


Well of course we'd like to understand such questions as early
as  possible.  But that problem is hardly limited to security
issues.

There's a real conflict here that we keep dancing around -
whose job  is it to determine the requirements for a protocol
design?
...


Keith,

One can try to make a general, and unsolvable, issue out ofthis. One can also look at a narrower question, and I think itis that question that has me (and Dave) concerned.

Let's suppose we have a standards track document that says "thisis a technique that can reasonably used in situation X". Maybe,to create the problem of interest, it is sufficient that it be astandards track document and not say "doing this in any form isreally stupid but, if you insist on doing it, this is theagreed-upon way".

Now someone comes along with another protocol or BCP that isbeing designed. We claim we believe in reuse of protocols,rather than adopting a "invent everything anew" approach, solooking for existing tools and protocols is presumably areasonable thing to do. I'd like to think that, if a groupfinds a standards-track document, checks the various indices anddetermines that it hasn't been superceded or moved off thestandards track, and decides on that basis to go use the thing,they have done due diligence. If "still on standards track"isn't sufficient to constitute a "safe to use" recommendation,then I suggest that the IETF is in rather serious trouble. Inparticular, if someone, especially the IESG, shows up duringLast Call and says "use of that thing is evil, please drop it",that is a symptom of a particularly nasty problem.

There are all sorts of other cases where the problems are lotsdifferent and it appears clear that insufficient attention waspaid to existing standards and norms of protocol design. Myrecent appeal about the MMS conversion document identifiesseveral examples. But, here, it seems to me that we have asystemic failure in that, when the conclusion was reached theCRAM-MD5 was no long appropriate for use, that conclusion didn'tlead directly and in short order to an applicability statementthat said, approximately, "don't depend on that thing" and tookit off the standard track.

If that had been done, and the authors of the "Email submission"document had recommended it anyway, we would be having a ratherdifferent discussion, don't you think?


    john

p.s. For Newtrk/ISD discussion fans, note that, if we had thatmechanism in place, the amount of work that would be required todeprecate CRAM-MD5 as described above would have been to getsome level of consensus and reissue the ISD with a "notrecommended any more" sentence and a change in status for theRFC. The level of flexibility anticipated for those documentsis such that it would be reasonable to post an version of theISD with that much change and an indication that an explanationwould follow and/or citations to a few published articles and wecould reasonably expect to have such a notice posted formally onthe ISD within a really short time of the IESG decision toapprove the change. By contrast, doing it today requires thatwe go though the entire process from I-D to RFC, that thedescription of the problems be complete enough for RFCpublication, and that there is no real notice to the typicalimplementer until the RFC is published. Maybe worth a littlethought.



_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf