From owner-saag  Wed Jan  8 11:36:14 1997
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id LAA16374 for saag-outgoing; Wed, 8 Jan 1997 11:30:55 -0500 (EST)
Message-Id: <199701081633.LAA26081@jekyll.piermont.com>
X-Authentication-Warning: jekyll.piermont.com: [[UNIX: localhost]] didn't use HELO protocol
To: jis@mit.edu
cc: saag@tis.com
Subject: Internet-Drafts@ietf.org: I-D ACTION:draft-rfced-info-ryckman-00.txt
Date: Wed, 08 Jan 1997 11:33:53 -0500
From: "Perry E. Metzger" <perry@piermont.com>
Sender: owner-saag@ex.tis.com
Precedence: bulk


Maybe we ought to comment on certain aspects of this before it becomes
an RFC. In particular, it looks like it has certain very bad
misconceptions built in. I realize this is an RFC editor thing, but
still...

.pm

------- Forwarded Message

 A New Internet-Draft is available from the on-line Internet-Drafts 
 directories.                                                              

       Title     : Security Industry Protocol for Alarm Transmission 
                   (SIPAT)                                                 
       Author(s) : S. Ryckman
       Filename  : draft-rfced-info-ryckman-00.txt
       Pages     : 7
       Date      : 01/07/1997

This document suggests a method for delivering alarm information over the 
Internet.  All communication shall use an encryption algorithm for 
transmission of the data.  An immediate response from the host will be used
for verification of receipt of the message.                           

This transmission method may be used as a backup transmission method to
traditional dial-up or leased line methods, or as a primary transmission
method with traditional methods becoming the backup.
               
Due to the required security of the data being transmitted, the encryption 
algorithm used will only be released on a need to know basis to software 
developers in the Alarm/Security Industry.  A non-disclosure agreement will
be required.  Terms and conditions of the licensing will depend on the 
intended purpose for use and may require a non-competition agreement or 
licensing fees.          
                                               
The Internet Assigned Numbers Authority (IANA) has assigned port 1733 
for the registered use of SIPAT transmissions.                                     

Internet-Drafts are available by anonymous FTP.  Login with the username
"anonymous" and a password of your e-mail address.  After logging in,
type "cd internet-drafts" and then
     "get draft-rfced-info-ryckman-00.txt".
A URL for the Internet-Draft is:
ftp://ds.internic.net/internet-drafts/draft-rfced-info-ryckman-00.txt
 
Internet-Drafts directories are located at:	
	                                                
     o  Africa:  ftp.is.co.za                    
	                                                
     o  Europe:  ftp.nordu.net            	
                 ftp.nis.garr.it                 
	                                                
     o  Pacific Rim: munnari.oz.au               
	                                                
     o  US East Coast: ds.internic.net           
	                                                
     o  US West Coast: ftp.isi.edu               
	                                                
Internet-Drafts are also available by mail.	
	                                                
Send a message to:  mailserv@ds.internic.net. In the body type: 
     "FILE /internet-drafts/draft-rfced-info-ryckman-00.txt".
							
NOTE: The mail server at ds.internic.net can return the document in
      MIME-encoded form by using the "mpack" utility.  To use this
      feature, insert the command "ENCODING mime" before the "FILE"
      command.  To decode the response(s), you will need "munpack" or
      a MIME-compliant mail reader.  Different MIME-compliant mail readers
      exhibit different behavior, especially when dealing with
      "multipart" MIME messages (i.e., documents which have been split
      up into multiple messages), so check your local documentation on
      how to manipulate these messages.
							
							

Below is the data which will enable a MIME compliant mail reader 
implementation to automatically retrieve the ASCII version
of the Internet-Draft.

- --NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"

- --OtherAccess
Content-Type:  Message/External-body;
        access-type="mail-server";
        server="mailserv@ds.internic.net"

Content-Type: text/plain
Content-ID: <19970108093534.I-D@ietf.org>

ENCODING mime
FILE /internet-drafts/draft-rfced-info-ryckman-00.txt

- --OtherAccess
Content-Type:   Message/External-body;
        name="draft-rfced-info-ryckman-00.txt";
        site="ds.internic.net";
        access-type="anon-ftp";
        directory="internet-drafts"

Content-Type: text/plain
Content-ID: <19970108093534.I-D@ietf.org>

- --OtherAccess--

- --NextPart--


------- End of Forwarded Message


From owner-saag  Wed Jan  8 12:57:53 1997
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id MAA17075 for saag-outgoing; Wed, 8 Jan 1997 12:57:30 -0500 (EST)
Date: Wed, 8 Jan 1997 13:00:31 -0500 (EST)
From: der Mouse <mouse@Holo.Rodents.Montreal.QC.CA>
Message-Id: <199701081800.NAA29331@Collatz.McRCIM.McGill.EDU>
To: saag@tis.com
Subject: Re:  Internet-Drafts@ietf.org: I-D ACTION:draft-rfced-info-ryckman-00.txt
Sender: owner-saag@ex.tis.com
Precedence: bulk

[Wow, this list _does_ get some traffic after all!  I was beginning to
wonder. :-]

[From Perry]
> Maybe we ought to comment on certain aspects of this before it
> becomes an RFC.

[The draft in question]
>        Filename  : draft-rfced-info-ryckman-00.txt

> This document suggests a method for delivering alarm information over
> the Internet.  All communication shall use an encryption algorithm
> for transmission of the data.  [...]

> Due to the required security of the data being transmitted, the
> encryption algorithm used will only be released on a need to know
> basis to software developers in the Alarm/Security Industry.  A
> non-disclosure agreement will be required.

This is a very bad idea.  It sounds like someone who doesn't know
anything about cryptography inventing an encryption algorithm and
depending on secrecy of the algorithm, rather than secrecy of the keys,
for security.

It also means that the resulting spec would be insufficient to produce
an implementation, since it would not contain enough details to get the
"encryption" right (I put the term in quotes because as I implied
above, I suspect the algorithm they wish to use is so weak as to hardly
deserve the name).

The draft also says that "normal Email" could be used, except that it
"would not provide immediate notification of receipt" and "would open
the system up to tampering from external sources".  The former can be
addressed trivially with a return email message; the latter can be
addressed most obviously by encrypting the body of the email, or even
just signing it with PGP or its moral equivalent.

By the way, being new to this process...is the saag list the
appropriate forum for comments such as these, or should I send them
somewhere else?  It's not clear from skimming the draft where comments
should go.

					der Mouse

			       mouse@rodents.montreal.qc.ca
		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
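
[Added example, not part of the original message or of the draft: a sketch of the point made in the message above, that an alarm report can get tamper protection and an immediate, verifiable receipt from a published algorithm with a secret per-panel key. HMAC-SHA256 from Python's standard library stands in for the PGP signature mentioned; the message layout, names and key are constructed for illustration.]

```python
import hashlib
import hmac
import json

# Constructed sample key; the only secret in the scheme (hypothetical value).
PANEL_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)


def _tag(key: bytes, label: bytes, data: bytes) -> bytes:
    # Published algorithm (HMAC-SHA256); the label separates alarms from acks.
    return hmac.new(key, label + b"\x00" + data, hashlib.sha256).digest()


def make_alarm(key: bytes, panel: str, seq: int, event: str) -> dict:
    body = json.dumps({"panel": panel, "seq": seq, "event": event},
                      sort_keys=True).encode()
    return {"body": body, "mac": _tag(key, b"alarm", body)}


class Receiver:
    def __init__(self, keys: dict):
        self.keys = keys      # panel id -> secret key
        self.last_seq = {}    # panel id -> highest sequence number accepted

    def handle(self, msg: dict):
        """Return an authenticated receipt, or None if the alarm is rejected."""
        try:
            fields = json.loads(msg["body"])
            panel, seq = fields["panel"], int(fields["seq"])
            key = self.keys[panel]
        except (ValueError, KeyError, TypeError):
            return None                    # malformed or unknown panel
        if not hmac.compare_digest(_tag(key, b"alarm", msg["body"]), msg["mac"]):
            return None                    # altered in transit or wrong key
        if seq <= self.last_seq.get(panel, -1):
            return None                    # replay of an earlier alarm
        self.last_seq[panel] = seq
        digest = hashlib.sha256(msg["body"]).digest()
        return {"ack": digest, "mac": _tag(key, b"ack", digest)}


def receipt_ok(key: bytes, msg: dict, receipt) -> bool:
    """Panel side: the receipt must cover exactly the alarm that was sent."""
    if receipt is None:
        return False
    digest = hashlib.sha256(msg["body"]).digest()
    return (hmac.compare_digest(receipt["ack"], digest) and
            hmac.compare_digest(_tag(key, b"ack", digest), receipt["mac"]))
```
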

From owner-saag  Thu Jan  9 13:33:53 1997
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id NAA26792 for saag-outgoing; Thu, 9 Jan 1997 13:30:51 -0500 (EST)
Message-ID: <32D52500.62E9@mit.edu>
Date: Thu, 09 Jan 1997 09:04:00 -0800
From: "Jeffrey I. Schiller" <jis@mit.edu>
Reply-To: jis@mit.edu
Organization: Massachusetts Institute of Technology
X-Mailer: Mozilla 3.0 (Macintosh; U; 68K)
MIME-Version: 1.0
To: rfc-ed@isi.edu
CC: iesg@isi.edu, saag@tis.com
Subject: Re: Informational RFC-to-be
References: <199701081607.AA09192@akamai.isi.edu>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-saag@ex.tis.com
Precedence: bulk

rfc-ed@isi.edu wrote:
> 
> IESG:
> 
> The RFC Editor has received the following "Informational" RFC-to-be:
> draft-rfced-info-ryckman-00.txt.  Two week timeout is initiated (23
> January 96).

Please put this document on hold. Frankly, it proposes a bad idea. I
will contact the author to discuss options about improving the document.
Worst case I will need time to draft an appropriate disclaimer paragraph
to go along with it (IESG Comments).

                            -Jeff



From owner-saag  Tue Apr 15 18:26:32 1997
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id SAA08235 for saag-outgoing; Tue, 15 Apr 1997 18:25:06 -0400 (EDT)
Date: Tue, 15 Apr 1997 18:25:53 -0400
Message-Id: <199704152225.SAA01634@road-warrior-177.mit.edu>
From: "Jeffrey I. Schiller" <jis@mit.edu>
To: scoya@ietf.org
Subject: Security Area Home Page
Cc: saag@tis.com
Sender: owner-saag@ex.tis.com
Precedence: bulk

I have started setting up a Web Home Page for the Security Area. It's
still under construction, but does have some useful content now (like
a pointer to the polling system). Its URL is:

        http://web.mit.edu/network/ietf/sa

Could you place an appropriate link in the appropriate place in the
IETF Web pages? Thanks!

                                -Jeff

From owner-saag  Tue Jun  3 10:44:27 1997
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id KAA17627 for saag-outgoing; Tue, 3 Jun 1997 10:43:24 -0400 (EDT)
Mime-Version: 1.0
Content-Type: Multipart/Mixed; Boundary="NextPart"
To: IETF-Announce@ietf.org
From: Internet-Drafts@ietf.org
cc: saag@tis.com
Reply-to: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-eastlake-weak-ato-01.txt
Date: Tue, 03 Jun 1997 09:55:23 -0400
Message-ID:  <9706030955.aa06813@ietf.org>
Sender: owner-saag@ex.tis.com
Precedence: bulk

--NextPart

 A Revised Internet-Draft is available from the on-line Internet-Drafts 
 directories.                                                              

       Title     : The Weak Authentication and Tracing Option              
       Author(s) : D. Eastlake
       Filename  : draft-eastlake-weak-ato-01.txt
       Pages     : 22
       Date      : 06/02/1997

The packet switched nature of the Internet Protocol (IP) provides no 
inherent method to assure that a packet has been issued with a source 
address authorized for use by the sender and no inherent method to trace 
the actual source of a packet.  These characteristics make it difficult to 
take effective action concerning injurious packets which may have 
originated, by accident or maliciously, virtually anywhere in the Internet.

A lightweight IP level option is proposed that provides (1) some assurance 
that packets are authorized by a host along the path routed through when 
the packet's source address is used as a destination address, and (2) 
limited statistical tracing information such that, if many bad packets are 
logged, the path to their source will usually be revealed.  This would 
provide significantly improved protection against packet level abuse.      

Internet-Drafts are available by anonymous FTP.  Login with the username
"anonymous" and a password of your e-mail address.  After logging in,
type "cd internet-drafts" and then
     "get draft-eastlake-weak-ato-01.txt".
A URL for the Internet-Draft is:
ftp://ds.internic.net/internet-drafts/draft-eastlake-weak-ato-01.txt
 

Below is the data which will enable a MIME compliant mail reader 
implementation to automatically retrieve the ASCII version
of the Internet-Draft.

--NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"

--OtherAccess
Content-Type:  Message/External-body;
        access-type="mail-server";
        server="mailserv@ds.internic.net"

Content-Type: text/plain
Content-ID: <19970602100001.I-D@ietf.org>

ENCODING mime
FILE /internet-drafts/draft-eastlake-weak-ato-01.txt

--OtherAccess
Content-Type:   Message/External-body;
        name="draft-eastlake-weak-ato-01.txt";
        site="ds.internic.net";
        access-type="anon-ftp";
        directory="internet-drafts"

Content-Type: text/plain
Content-ID: <19970602100001.I-D@ietf.org>

--OtherAccess--

--NextPart--




From owner-saag  Thu Jul 31 07:50:10 1997
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id HAA21423 for saag-outgoing; Thu, 31 Jul 1997 07:47:08 -0400 (EDT)
From: rja@corp.home.net (Ran Atkinson)
Message-Id: <970730183913.ZM11665@borg.eos.home.net>
Date: Wed, 30 Jul 1997 18:39:13 -0700
X-Mailer: Z-Mail (4.0.1 13Jan97)
To: saag@tis.com
Subject: draft-ietf-bmwg-secperf-00.txt
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-saag@ex.tis.com
Precedence: bulk


The above draft can be found in the Internet-Drafts archive
near you.  It defines various terms relating to network
security and network security device testing.  It could
probably stand some review from interested members of the
security community.  I have nothing to do with the draft,
other than just having accidentally stumbled across it today...






From owner-saag  Mon Aug 18 07:24:46 1997
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id HAA11440 for saag-outgoing; Mon, 18 Aug 1997 07:23:39 -0400 (EDT)
Date: Mon, 18 Aug 1997 13:33:35 +0200 (MET DST)
From: Erik Nordmark - Sun Sweden <Erik.Nordmark@eng.Sun.COM>
Reply-To: Erik Nordmark - Sun Sweden <Erik.Nordmark@eng.Sun.COM>
Subject: Draft of interest to network security
To: saag@tis.com
Cc: nordmark@jurassic.eng.Sun.COM
In-Reply-To: "Your message with ID" <199708042035.NAA15944@bobo.eng.sun.com>
Message-ID: <Roam.SIMCSD.2.0.4.871904015.31980.nordmark@jurassic.eng>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
Sender: owner-saag@ex.tis.com
Precedence: bulk


I don't follow the saag group but I've published an ID
(see below) that can potentially bypass the trust of a secure DNS.
I'd like to make sure that the draft gets sufficient security review.

If you have any comments please send them to me or the IPng list
(ipng@sunroof.eng.sun.com)

Thanks,
   Erik


----- Begin Included Message -----

From owner-ipng@sunroof.eng.sun.com Wed Jul 30 18:11:11 1997
Date: Wed, 30 Jul 1997 17:39:03 -0700
From: nordmark@jurassic (Erik Nordmark)
To: ipng@sunroof.eng.sun.com
Subject: (IPng 4219) Site prefixes draft available
MIME-Version: 1.0


I've submitted an Internet Draft based on the presentation I did
in Memphis on Site Prefixes.

If you want a preview before it shows up in the Internet Drafts
directories you can get it from:
ftp://playground.sun.com/pub/nordmark/draft-ietf-ipngwg-site-prefixes-00.txt

Abstract

   This document specifies extensions to IPv6 Neighbor Discovery to
   carry site-prefixes.  The site prefixes are used to reduce the effect
   of site renumbering by ensuring that the communication inside a site
   uses site-local addresses.


   Erik
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to majordomo@sunroof.eng.sun.com
--------------------------------------------------------------------


