On Wed, Feb 18, 2015 at 11:27 PM, Pete Resnick <presn...@qti.qualcomm.com> wrote:
> On 2/18/15 10:19 PM, Peter Saint-Andre - &yet wrote:
>
>> On 2/18/15 8:34 PM, Richard Barnes wrote:
>>
>>> ----------------------------------------------------------------------
>>> DISCUSS:
>>> ----------------------------------------------------------------------
>>>
>>> I really can't abide by the abdication in Section 5.2.
>>>
>>
>> Abdication is an awfully strong word.
>>
>>> Getting a cert is
>>> hard. Running reasonably recent software and configuring it properly is
>>> not. The possibility that a connection will not be authenticated is no
>>> excuse for using bad versions of TLS or using insecure ciphersuites.
>>>
>>> I appreciate that normally deference to WG consensus is appropriate, but
>>> this is a recommendation that could be actively harmful to the Internet
>>> by encouraging the continued use of broken code.
>>>
>>
>> I think the document, then, does not provide clear enough text.
>>
>> I do not think we intended to actively recommend that anyone run broken
>> code, use outdated versions of TLS, use insecure ciphersuites, etc.
>> However, we are saying that this document was not written specifically to
>> cover unauthenticated TLS usages because that was a point of strong
>> contention in the WG and we were not able to reach consensus. The thread
>> beginning here is illustrative:
>>
>> http://www.ietf.org/mail-archive/web/uta/current/msg00625.html
>>
>> If you are insisting that this document be remanded to the WG with
>> instructions that it reach consensus one way or the other, then please let
>> us know.
>>
>
> The rest I'm happy for the editors/chairs/others to take up, but let me
> take on this one:
>
> We will discuss this on the call tomorrow. Stephen and Kathleen and I are
> working on (well, really, Stephen produced a first draft a month ago and I
> dawdled on my edit, but I hope we are close to getting out the door) a
> statement to the community regarding discussions of OS considerations.
> There are a load of reasons that in an OS (and potentially other
> unauthenticated) context you would violate some of the recommendations in
> this document.

I look forward to your documentation of which recommendations and which reasons.

> As our note will say, it is incredibly hard (I would say near impossible)
> to reasonably convey what the "right" approach is when talking about OS.

I will object strenuously to anything that suggests that continuing to use broken algorithms or protocols is in any sense a "right" approach. Fortunately, Peter's note implies that this is not what the WG intended.

> Until we are able to get better community consensus on this topic and how
> to explain it in documents, I think (and I believe the WG agrees) that the
> right thing to say is, "This document isn't talking about OS" and leave it
> at that, which is what the document now says.
>

It's wrong to just throw up our hands and give carte blanche just because we might need to red-line a few things. At most, we should say something like, "OS is a work in progress; until further notice, use this as a baseline and deviate to the minimal extent possible."

--Richard

> I'll probably share the draft text we've been working on with Richard.
> Perhaps Stephen and I will simply convince him. Perhaps he will convince
> us. But let's leave this topic for the telechat tomorrow, and we'll circle
> back to the WG if there's an issue to address.
>
> pr
>
> --
> Pete Resnick<http://www.qualcomm.com/~presnick/>
> Qualcomm Technologies, Inc. - +1 (858)651-4478
>
_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta