On Tue, 2004-12-28 at 11:03, ned(_dot_)freed(_at_)mrochek(_dot_)com wrote:
> It is time to decide if MASS is going to have a BoF at IETF 62. As you
> know, one was not held at IETF 61. Is the group ready to nail down a
> charter and milestones?

> I'm afraid I see no consensus here at all on what problem we're trying to
> solve, let alone on the right way to solve it. Instead, we're engaged in the
> time-honored IETF practice of letting the unattainable best be the mortal
> enemy of the good enough.

> As such, I think a BOF would be a complete waste of time.

> Sorry to have to be so pessimistic, but that's how I see it.
I hope things change shortly. There has been some willingness to accept
changes on behalf of Yahoo. I think there is a way to merge Cisco and
Yahoo efforts by way of an extension to the Yahoo header tagging scheme.
If I were to define the problem, it would be establishing a means to
allow the MSA, on behalf of the Sender domain, to sign mail as an
authentication of the entity granting initial access. What's left seems
like minor implementation issues independent of such a goal.
This leverages an existing plethora of solutions authenticating the MUA
and grants freedoms based upon policies established by the MSA for
Originator assurances. This avoids waiting for consolidation of the
thousands of applications on both signature and key distribution
methods, as this approach would constrain efforts to the MSA/MDA arena.
There should be only a need to distribute private keys to specific
MSAs. There are already Originator based solutions that demonstrate the
difficulty and expense associated with distributing keys to users.
This approach delegates access accountability to the domain rather than
each user and also allows a substantial difference between Originator
assurances made by a financial institution versus a coffee shop, as an
example. For the larger corporations, there is always the submission
port and a need to log all outgoing mail anyway.
What do you think about William Leibzon's idea of retasking:
Using DNS to Securely Publish SSH Key Fingerprints?
http://www.ietf.org/internet-drafts/draft-ietf-secsh-dns-05.txt
-Doug
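The flow Doug sketches above, as an added example that is not part of the thread and not code from any MASS, Cisco or Yahoo proposal: the MSA holds the domain's private key and signs a few headers plus the body of each outgoing message; the domain publishes only a hash of the public key in DNS (the SSHFP-style fingerprint idea from draft-ietf-secsh-dns); a receiving MDA checks that the key carried in the message matches the published fingerprint before verifying the signature. The header name `X-Domain-Sig`, its tag format, the fingerprint encoding and the DNS table are all constructed for illustration, and the RSA is a toy textbook implementation with no padding, used only so the example runs with the standard library.

```python
"""Domain-level MSA signature verified against a DNS-published key
fingerprint. Everything here (header name, tag syntax, fingerprint
format, the toy RSA, the in-memory DNS table) is an assumption built
for this example, not a protocol anyone has specified."""
import hashlib
import random
import re

SIG_HEADER = "X-Domain-Sig"  # hypothetical header carrying the MSA signature


# --- toy RSA: textbook, unpadded, for illustration only --------------------
def _is_probable_prime(n, rounds=20):
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):  # Miller-Rabin witnesses
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits):
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(cand):
            return cand


def generate_keypair(bits=512):
    """Return ((e, n), (d, n)); the private half lives only on the MSA."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (e, p * q), (pow(e, -1, phi), p * q)


def fingerprint(e, n):
    """What the domain publishes in DNS: a hash of the public key, not the key."""
    return hashlib.sha256(f"{e}:{n}".encode()).hexdigest()


# --- message canonicalization and signing ---------------------------------
def canonicalize(headers, body, signed_fields):
    lines = [f"{f.lower()}:{headers[f].strip()}" for f in signed_fields]
    return ("\n".join(lines) + "\n\n" + body.strip()).encode()


def _digest(headers, body, signed_fields):
    return int.from_bytes(hashlib.sha256(canonicalize(headers, body, signed_fields)).digest(), "big")


def msa_sign(headers, body, domain, priv, pub,
             signed_fields=("From", "To", "Subject", "Date")):
    """MSA signs on behalf of the domain; the message carries the public key."""
    d, n = priv
    e, _ = pub
    sig = pow(_digest(headers, body, signed_fields), d, n)
    signed = dict(headers)
    signed[SIG_HEADER] = (f"d={domain}; h={':'.join(signed_fields)}; "
                          f"e={e}; n={n:x}; sig={sig:x}")
    return signed


def verify(headers, body, dns_fingerprints):
    """MDA side: bind the carried key to DNS, then check the signature."""
    tag = headers.get(SIG_HEADER)
    if tag is None:
        return False, "unsigned"
    fields = dict(kv.split("=", 1) for kv in (p.strip() for p in tag.split(";")) if kv)
    domain, e = fields["d"], int(fields["e"])
    n, sig = int(fields["n"], 16), int(fields["sig"], 16)
    sender = re.search(r"@([\w.-]+)", headers.get("From", ""))
    if sender is None or sender.group(1).lower() != domain.lower():
        return False, "From domain does not match signing domain"
    if fingerprint(e, n) not in dns_fingerprints.get(domain, ()):
        return False, "key not published by domain"  # rogue key, not the MSA's
    if pow(sig, e, n) != _digest(headers, body, fields["h"].split(":")):
        return False, "signature mismatch"  # altered in transit
    return True, domain


def demo():
    """Good message, tampered body, and a forgery under a key the domain never published."""
    random.seed(7)  # deterministic toy keys for the example
    pub, priv = generate_keypair()
    dns = {"example.com": {fingerprint(*pub)}}  # constructed DNS fingerprint table
    headers = {"From": "alice@example.com", "To": "bob@example.net",
               "Subject": "Thursday", "Date": "Tue, 28 Dec 2004 11:03:00 -0800"}
    body = "See you Thursday.\n"
    signed = msa_sign(headers, body, "example.com", priv, pub)
    genuine = verify(signed, body, dns)[0]
    tampered = verify(signed, body + "P.S. altered in transit\n", dns)[0]
    rogue_pub, rogue_priv = generate_keypair()  # key never published for example.com
    forged = msa_sign(headers, body, "example.com", rogue_priv, rogue_pub)
    forgery = verify(forged, body, dns)[0]
    return genuine, tampered, forgery
```

The design point is the one in the message: only the MSA needs the private key, users get nothing to manage, and the DNS record is small and static because it holds a fingerprint rather than key material. `demo()` returns `(True, False, False)`: the genuine message verifies, the altered body fails the signature check, and a message signed under a key the domain never published is rejected before its signature is even examined.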