ietf

Re: Security for various IETF services

2014-04-04 08:26:01


--On Thursday, April 03, 2014 17:44 -0700
ned+ietf(_at_)mauve(_dot_)mrochek(_dot_)com wrote:

...
* authenticity and integrity of data coming from the IETF
site;

Your problem here is people get IETF data from many sources
besides the IETF site. Indeed, alternative data stores may
provide access alternatives for those concerned about being
seen accessing IETF data in the obvious way.

As a result I don't see how transport security offers a
meaningful solution here. We should instead be looking at
various signature mechanisms.

Concur.  

If we think there is a real threat and problem that needs to be
solved in this area, we should see documents signed at the time
of posting and those signatures either made part of them or made
readily, easily, and obviously accessible along with any tools
needed to apply them.  We should also be sure that careful
questions are asked about the relationship between signatures (or
other integrity-assurance) methods and the current IPR policies
allowing duplicates (should we require that the signatures be
preserved or explicit pointers to the authoritative, signed,
copies be provided?) and the RFC Editor's plans about multiple
output formats (e.g., is an integrity check over the XML file
adequate if there is no guarantee that the file recipient can
generate the user-accessible version?) and that answers are
evaluated by experts.  Those are mostly technical issues --the
stuff we supposedly do well-- and need not be carried out on
this list, just competently reported to it.

More generally, I think the conclusion from Brian's remarks and
those of several others is that what is really needed here is a
serious analysis of what threats actually exist and whether we
care about them.   In the absence of a clear statement and
understanding of a problem and explanation of how a particular
technique will significantly mitigate it, these "we have a
technique, should we apply it" questions are, IMO, fairly
meaningless and a very bad example of the kind of engineering
the IETF should be advocating and demonstrating.

Back to trying to get substantive work done.
 
   john