ietf
[Top] [All Lists]

Re: Security for various IETF services

2014-04-03 21:04:55
On 4/3/2014 5:26 PM, Brian E Carpenter wrote:
I think we need to distinguish various
quite separate issues. Off the top of my head, I can see:

What I like most about Brian's list is that it seeks to gain some discipline an clarity about what might be done and why. As Ned's responses shows, this requires even more clarity and -- depending on what answers we give -- different difficulty.



On 4/3/2014 5:29 PM, Randy Bush wrote:
> because we blew it way back when, by designing a completely insecure
> and un-private internet.  as supposedly responsible and occasionally
> competent engineers, we should rectify our mistakes.

This promotes a collection of popular myths which both give a false history and a false (and counter-productively distracting) present.

The presumption that 'security' was ignored "way back" is simply wrong. Both in the 70s and again in the 90s, security issues were given attention. In the 70s, the primary answer was encryption boxes, for those special cases deem to need them. In terms of the technology of the day, when combined with the nature of the scale and use of the Arpanet and eventually Internet, that was a reasonable choice.

In the 90s, we got PEM, PGP, S/MIME and the beginnings of DNSSec.

The experience of the 90s nicely highlights the problem with the second myth, that we merely needed to 'decide' to do 'security'. As the increasing list of problematic security-related efforts over the last 25 years demonstrate, doing 'security' for Internet scale and diversity is a challenge, often appearing to be beyond the state of the art.

Note how little DNSSec we still have. Note how little PGP and S/MIME use we still have. All three of those were diligent, reasonable design efforts. Yet their deployment and use remains problematic.

Added to this is that the word 'security' is almost completely meaningless in technical terms. For most technical discussions, it's so vague there's no way to know what specific problems are of concern or what functions are intended.

So please, let's focus on the kind of disciplined, targeted effort that Brian is promoting to consider needs and solutions, and move away from mythology.

d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net