
From nobody Wed Dec  2 05:42:28 2020
From: Andrew S2 <andrew.s2@ncsc.gov.uk>
To: "saag@ietf.org" <saag@ietf.org>, "model-t@iab.org" <model-t@iab.org>
Date: Wed, 2 Dec 2020 13:42:21 +0000
Message-ID: <LO3P123MB3547597EF58E8A0654158884E3F30@LO3P123MB3547.GBRP123.PROD.OUTLOOK.COM>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/M0iokkwImOjHFr3FRwxEvcIylOQ>
Subject: [saag] NCSC Protocol Design Principles

Hi all,

NCSC published its Protocol Design Principles white paper this week: https://www.ncsc.gov.uk/whitepaper/protocol-design-principles. These principles have been written with the primary aim of helping protocol designers consider a range of issues relevant to security, but also to aid deployers and implementers in assessing protocols. The principles put user needs at the heart of the design process.

The paper outlines some of the major changes that have taken place with the internet over recent years, and outlines motivating goals for user security. In the context of these changes, and security goals, the paper defines three main principles:

1. Prioritise the use case

2. Keep it simple

3. Think about the bigger picture

Each of these includes detailed sub-principles that aim to help designers meet the motivating security goals in today's technology landscape.

Our goal of seeing protocols designed securely for the internet naturally has parallels with the IETF's work and, in particular, this white paper could be of interest to the IAB's model-t programme. The key first step in designing a protocol securely is, as we cover in the paper, to define the threat model it operates in.

We believe this paper will be of particular interest to those involved in model-t as well as the security area more widely.

We hope you find these principles useful, and we welcome any feedback, either by email to pdpfeedback@ncsc.gov.uk or via our GitHub page at https://github.com/ukncsc/protocol-design-principles.

Many thanks,

Andrew

This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to ncscinfoleg@ncsc.gov.uk. All material is UK Crown Copyright (c)



From nobody Wed Dec  2 05:46:13 2020
From: Andrew S2 <andrew.s2@ncsc.gov.uk>
To: "saag@ietf.org" <saag@ietf.org>, "model-t@iab.org" <model-t@iab.org>
Date: Wed, 2 Dec 2020 13:46:06 +0000
Message-ID: <LO3P123MB354717F600B9161C20C5EF1EE3F30@LO3P123MB3547.GBRP123.PROD.OUTLOOK.COM>
References: <LO3P123MB3547597EF58E8A0654158884E3F30@LO3P123MB3547.GBRP123.PROD.OUTLOOK.COM>
In-Reply-To: <LO3P123MB3547597EF58E8A0654158884E3F30@LO3P123MB3547.GBRP123.PROD.OUTLOOK.COM>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/5fHjLSEX2cmoxyZ5cI-vOWlEhJY>
Subject: Re: [saag] NCSC Protocol Design Principles

Apologies for the broken links, the links below should work correctly.

Andrew

From: Andrew S2
Sent: 02 December 2020 13:42
To: saag@ietf.org; model-t@iab.org
Subject: NCSC Protocol Design Principles


Hi all,



NCSC published its Protocol Design Principles white paper this week: https:=
//www.ncsc.gov.uk/whitepaper/protocol-design-principles. These principles h=
ave been written with the primary aim of helping protocol designers conside=
r a range of issues relevant to security, but also to aid deployers and imp=
lementers in assessing protocols. The principles put user needs at the hear=
t of the design process.



The paper outlines some of the major changes that have taken place with the
internet over recent years, and outlines motivating goals for user security.
In the context of these changes, and security goals, the paper defines three
main principles:

1. Prioritise the use case
2. Keep it simple
3. Think about the bigger picture

Each of these includes detailed sub-principles that aim to help designers
meet the motivating security goals in today's technology landscape.



Our goal of seeing protocols designed securely for the internet naturally has
parallels with the IETF's work and, in particular, this white paper could be
of interest to the IAB's model-t programme. The key first step in designing a
protocol securely is, as we cover in the paper, to define the threat model it
operates in.



We believe this paper will be of particular interest to those involved in
model-t as well as the security area more widely.



We hope you find these principles useful, and we welcome any feedback, either
by email to pdpfeedback@ncsc.gov.uk or via our GitHub page at
https://github.com/ukncsc/protocol-design-principles.



Many thanks,

Andrew

This information is exempt under the Freedom of Information Act 2000 (FOIA)
and may be exempt under other UK information legislation. Refer any FOIA
queries to ncscinfoleg@ncsc.gov.uk. All material is UK Crown Copyright (c)

--_000_LO3P123MB354717F600B9161C20C5EF1EE3F30LO3P123MB3547GBRP_--


From nobody Mon Dec 28 12:21:38 2020
MIME-Version: 1.0
From: Ira McDonald <blueroofmusic@gmail.com>
Date: Mon, 28 Dec 2020 15:21:18 -0500
Message-ID: <CAN40gSub=7hbvg6rJueRzkoHy6ejQ+An9ioeWbUmzB0FmfZUKA@mail.gmail.com>
To: saag@ietf.org, Ira McDonald <blueroofmusic@gmail.com>
Content-Type: multipart/alternative; boundary="0000000000002d4f2f05b78c0570"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/KxSPG3xv5Y543ElJ8WfIs_HlqfI>
Subject: [saag] Will there be an RFC4949bis?

--0000000000002d4f2f05b78c0570
Content-Type: text/plain; charset="UTF-8"

Hi,

The Internet Glossary is a very useful resource to many authors and many
SDOs.  But it was published in August 2007, several eras of technology in
the past.  Since the definitions are often out-of-date in their references to
source SDO definitions, they are sometimes inaccurate for current usage.

Just wondering.

Cheers,
- Ira

--0000000000002d4f2f05b78c0570--


From nobody Tue Dec 29 11:19:52 2020
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Ira McDonald <blueroofmusic@gmail.com>, saag@ietf.org
In-Reply-To: <CAN40gSub=7hbvg6rJueRzkoHy6ejQ+An9ioeWbUmzB0FmfZUKA@mail.gmail.com>
References: <CAN40gSub=7hbvg6rJueRzkoHy6ejQ+An9ioeWbUmzB0FmfZUKA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature"
Date: Tue, 29 Dec 2020 14:19:40 -0500
Message-ID: <29141.1609269580@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/dYAq5HvB6Cz9f3tCZTsuGyI_Y1A>
Subject: Re: [saag] Will there be an RFC4949bis?

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable


Ira McDonald <blueroofmusic@gmail.com> wrote:
    > The Internet Glossary is a very useful resource to many authors and many
    > SDOs.  But it was published in August 2007, several eras of technology in
    > the past.  Since the definitions are often out-of-date in their references to
    > source SDO definitions, they are sometimes inaccurate for current usage.

hi, I'm told that 4949 took a lot of compromise to arrive at.
(I personally can't recall the debate at all, but I had a new baby around
that time)

I think that doing 4949bis is probably the wrong approach.
Instead, I would suggest a round of Updates (Amends) 4949, and then later on,
collect it back.

We had a discussion a few weeks ago about on-path attackers vs packet dropping.
I wrote draft-richardson-saag-onpath-attacker-00 to capture that discussion,
and bring it forward, and yes, Amend rfc4949. (co-authors sought)

--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide

--=-=-=--


From kw@metapolymath.com  Tue Dec 29 12:01:18 2020
MIME-Version: 1.0
References: <CAN40gSub=7hbvg6rJueRzkoHy6ejQ+An9ioeWbUmzB0FmfZUKA@mail.gmail.com> <29141.1609269580@localhost>
In-Reply-To: <29141.1609269580@localhost>
From: Metapolymath Majordomo <majordomo@metapolymath.com>
Date: Tue, 29 Dec 2020 14:00:47 -0600
Message-ID: <CABtv6o-qQg9ogcffNMwqxSST6dxFBJFYEskULr+25AJQFgO-tw@mail.gmail.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: Ira McDonald <blueroofmusic@gmail.com>, saag@ietf.org
Content-Type: multipart/alternative; boundary="0000000000005a1d3b05b79fd996"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/YQ1gfBLMqQmofzySkd93EVBgmxs>
Subject: Re: [saag] Will there be an RFC4949bis?

--0000000000005a1d3b05b79fd996
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Concur on amendments option.

On Tue, Dec 29, 2020, 1:20 PM Michael Richardson <mcr+ietf@sandelman.ca>
wrote:

>
> Ira McDonald <blueroofmusic@gmail.com> wrote:
>     > The Internet Glossary is a very useful resource to many authors and many
>     > SDOs.  But it was published in August 2007, several eras of technology in
>     > the past.  Since the definitions are often out-of-date in their references to
>     > source SDO definitions, they are sometimes inaccurate for current usage.
>
> hi, I'm told that 4949 took a lot of compromise to arrive at.
> (I personally can't recall the debate at all, but I had a new baby around
> that time)
>
> I think that doing 4949bis is probably the wrong approach.
> Instead, I would suggest a round of Updates (Amends) 4949, and then later on,
> collect it back.
>
> We had a discussion a few weeks ago about on-path attackers vs packet dropping.
> I wrote draft-richardson-saag-onpath-attacker-00 to capture that discussion,
> and bring it forward, and yes, Amend rfc4949. (co-authors sought)
>
> --
> Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
>            Sandelman Software Works Inc, Ottawa and Worldwide
>

--0000000000005a1d3b05b79fd996--


From nobody Tue Dec 29 15:29:40 2020
MIME-Version: 1.0
References: <CAN40gSub=7hbvg6rJueRzkoHy6ejQ+An9ioeWbUmzB0FmfZUKA@mail.gmail.com> <29141.1609269580@localhost> <CABtv6o-qQg9ogcffNMwqxSST6dxFBJFYEskULr+25AJQFgO-tw@mail.gmail.com>
In-Reply-To: <CABtv6o-qQg9ogcffNMwqxSST6dxFBJFYEskULr+25AJQFgO-tw@mail.gmail.com>
From: Metapolymath Majordomo <majordomo@metapolymath.com>
Date: Tue, 29 Dec 2020 17:29:23 -0600
Message-ID: <CABtv6o-i3xE6+zrLoiaxx4HobDiSKc9SMosEn1nL1iKv81RTTQ@mail.gmail.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: Ira McDonald <blueroofmusic@gmail.com>, saag@ietf.org
Content-Type: multipart/alternative; boundary="00000000000059595405b7a2c38a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/Hcb35pnjZ3H7Km2QXL6fzJs5v-s>
Subject: Re: [saag] Will there be an RFC4949bis?

--00000000000059595405b7a2c38a
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

I apologize; I didn't realize my signature was off.

I agree with Michael's conclusions.

With Regard,

Kronah Wood
Metapolymath, LLC
PO Box 19236
Lenexa, KS 66219-9236
+1.2139158297
www.metapolymath.com

Sent from Mobile





On Tue, Dec 29, 2020, 2:00 PM Metapolymath Majordomo <majordomo@metapolymath.com> wrote:

> Concur on amendments option.
>
> On Tue, Dec 29, 2020, 1:20 PM Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>
>>
>> Ira McDonald <blueroofmusic@gmail.com> wrote:
>>     > The Internet Glossary is a very useful resource to many authors and many
>>     > SDOs.  But it was published in August 2007, several eras of technology in
>>     > the past.  Since the definitions are often out-of-date in their references
>>     > to source SDO definitions, they are sometimes inaccurate for current usage.
>>
>> hi, I'm told that 4949 took a lot of compromise to arrive at.
>> (I personally can't recall the debate at all, but I had a new baby around
>> that time)
>>
>> I think that doing 4949bis is probably the wrong approach.
>> Instead, I would suggest a round of Updates (Amends) 4949, and then later on,
>> collect it back.
>>
>> We had a discussion a few weeks ago about on-path attackers vs packet dropping.
>> I wrote draft-richardson-saag-onpath-attacker-00 to capture that discussion,
>> and bring it forward, and yes, Amend rfc4949. (co-authors sought)
>>
>> --
>> Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
>>            Sandelman Software Works Inc, Ottawa and Worldwide
>> _______________________________________________
>> saag mailing list
>> saag@ietf.org
>> https://www.ietf.org/mailman/listinfo/saag
>>
>

--00000000000059595405b7a2c38a--

