RE: draft-ietf-opes-threats-03

On Tue, 9 Dec 2003, Abbie Barbir wrote:

> u really need to recharter if u want to address current concerns.
Not if they are concerns can be addressed with clarifications, without
new development.

> They are complaining about bad certificates.
> From the note on ID tracker, IESG seems to be concerned about one
possible way to implement hop-by-hop encryption. We can show other,
cleaner, existing ways.

> Basically, we can not (OPES) be in the way without comming up with a
> new model.
I disagree. There are existing alternatives (even deployed systems,
but that info may not be public) that we can point to.

Alex.


> > -----Original Message-----
> > From: Alex Rousskov [mailto:rousskov(_at_)measurement-factory(_dot_)com]
> > Sent: Tuesday, December 09, 2003 12:51 PM
> > To: Barbir, Abbie [CAR:1A11:EXCH]
> > Cc: Markus Hofmann; 'ietf-openproxy(_at_)imc(_dot_)org'
> > Subject: RE: draft-ietf-opes-threats-03
> >
> >
> > On Tue, 9 Dec 2003, Abbie Barbir wrote:
> >
> > > U need to recharter first.
> > Not if we are addressing current IESG concerns about an
> > existing WG document with a couple of paragraphs, I guess. I
> > am not proposing any new "real work" in this direction.
> >
> > Alex.
> >
> > > > -----Original Message-----
> > > > From: Alex Rousskov [mailto:rousskov(_at_)measurement-factory(_dot_)com]
> > > > Sent: Tuesday, December 09, 2003 12:03 PM
> > > > To: Markus Hofmann
> > > > Cc: 'ietf-openproxy(_at_)imc(_dot_)org'
> > > > Subject: Re: draft-ietf-opes-threats-03
> > > >
> > > >
> > > >
> > > > Markus,
> > > >
> > > >         I am somewhat surprised there is something special that
> > needs to be
> > > > developed for a hop-by-hop encryption model, but I do not
> > know what
> > > > IESG had to say about this issue (beyond a cryptic
> > statement on the
> > > > ID tracker). If IESG turns this revision around again,
> > let's discuss
> > > > how we can document hop-by-hop encryption to address IESG
> > concerns.
> > > > Thanks,
> > > >
> > > > Alex.
> > > >
> > > > On Tue, 9 Dec 2003, Markus Hofmann wrote:
> > > >
> > > > > Folks,
> > > > >
> > > > > this updated version of the draft addresses issues in Section
> > > > > 2.2.7 that came back from IESG review.
> > > > >
> > > > > The section has been re-written to clarify that - for now -
> > > > the OPES
> > > > > work assumes either no encryption (in which case OPES
> > > > services can be
> > > > > performed) or end-to-end encryption (in which case no OPES
> > > > > services can be performed). If encryption would be desired
> > > > > hop-by-hop, an appropriate model will have to be developed.
> > > > >
> > > > > We'll re-submit this version to the IESG.
> > > > >
> > > > > Thanks,
> > > > >    Markus
> > > > >
> > > > >
> > > > > Abbie Barbir wrote:
> > > > >
> > > > > > Please publish the following
> > > > > >
> > > > > > draft-ietf-opes-threats-03
> > > > > >
> > > > > > as a WG Draft.
> > > > > >
> > > > > > Thanks
> > > > > > Abbie