ietf
[Top] [All Lists]

Re: [saag] Last Call: <draft-dukhovni-opportunistic-security-01.txt> (Opportunistic Security: some protection most of the time) to Informational RFC

2014-07-31 14:39:59
Tom,

It's very difficult to write text that accurately conveys the intent, and is yet
is technically precise.

For example, you wrote:

"Without key management at an Internet scale, authentication is often not possible."

*ephemeral DH exchange is a type of key management, and it works at Internet scale.**So, what I think you meant to say, when paraphrasing Viktor (who made the same mistake in the I-D) **
**is something like*

"Authenticated key management at an Internet scale has yet to be achieved."

*later the text says: *

"Key management at Internet scale is an incompletely solved problem."

*again, missing the necessary qualifier "authenticated"**
**and later:*

The PKIX ([RFC5280]) key management model introduces costs that not all peers are willing to bear and also cannot secure communications when either the reference identity *(not defined in the I-D)* of the peer is obtained indirectly over an insecure channel or the communicating parties cannot agree on a [root?] certification authority (CA).

*This statement is inaccurate. If peers share a common, trusted CA, they can validate one anothers** **certs, whether that CA is a trust anchor ("root CA") in the Web PKI sense or not.**
**
**As you may surmise, I avoided reading Viktor's doc. I will do so now, and provide detailed**
**comments during IETF LC, to address these and other issues.*

Steve