Hi Mark,
you are certainly right on the clear goals and metrics.
Just as one example consider a topic like "HTTPS everywhere". We had
this IAB technical plenary about Web Security not too long ago (IETF#83)
and Ekr gave a talk with the title "How do we get to
TLS Everywhere?". On slide 5 of his talk (see
http://www.ietf.org/proceedings/83/slides/slides-83-iab-9-technical-plenary.pdf)
he quotes Cullen.
Even with such a topic there would already be enough work (such as
guidelines for how to get certificates, how to configure various Web
servers and use different hosting providers), etc.
The good thing about such a topic is that we are not the first group to
look at it. There is also EFF and others.
There the goal could be to get from the current 1% TLS usage to
something like 10% in 3 years (or so).
Measuring the TLS usage is also easier (as a number of projects, like
EFF with their SSL Observatory demonstrated).
Is that would you roughly had in mind (of course with much more detail)?
Ciao
Hannes
On 10.09.2013 22:41, Mark Townsley wrote:
Critical aspects of the World IPv6 Day/Launch activity were clear
goals as to what it meant to be "in", as well as independent
measurement of those that signed up (at first AAAAs in the DNS, later
1% traffic from an ISP as measured by a set of content providers).
The nature of what's being considered here might make this tricky
(e.g., monitoring of techniques that themselves are aimed at averting
the ability to monitor!). In any case, if we try and do something
like this and want to follow the World Day/Launch model, I'd
encourage thinking about what the metrics and analysis should be.
- Mark
PS. As someone working to see IPv6 deployed, increased use of SSL is
a boost as https leads to more global IPv4 address demand and more
need for IPv6. Go crypto.
On Sep 10, 2013, at 9:30 PM, Hannes Tschofenig wrote:
Open source is certainly only one market, although important in the
security context when I think about all the libraries.
Needless to say that many products are not open source and we would
want to encourage them to get better as well (as we did with the
IPv6 day).
Maybe we need a "Crypto Day".
On 10.09.2013 22:13, Marc Blanchet wrote:
my take on this debate is that there is much more to do _not in
the protocols specifications_ than enhancing what our protocol
specs. Deployment, implementations, etc... shall be more
targetted to be enhanced. Therefore I agree with your idea. And
opensource is just one market.
Marc.
Le 2013-09-10 à 15:02, Hannes
Tschofenig<[email protected]> a écrit :
Hi all,
as I replied to Dave about the scope of the discussions at the
next IETF meeting I was wondering about the following issue.
Bruce Schneier asked the IETF for help and, as we have noticed
in the discussions there are certain limits to what we can do
in the IETF (as a standardization body).
The wider Internet community, however, has somewhat different
options and we have in other cases reached out to that
community to impact the deployment of Internet technologies. A
recent example is the IPv6 day.
Why should we turn around and ask the Internet community to
help us out with some of the issues we cannot solve alone, such
as those related to the deployment of various security
extensions.
I am sure many open source developers are at this moment trying
to figure out what they should be improving but they may not
have the same level of expertise as we have.
Needless to say that we first have to figure out what we want
to ask for and this requires some investigation in what is
currently available (like Yaron did for S/MIME and Jim Gettys
did for his DNSSEC case).
What do you think?
Ciao Hannes _______________________________________________
perpass mailing list [email protected]
https://www.ietf.org/mailman/listinfo/perpass
_______________________________________________ perpass mailing
list [email protected]
https://www.ietf.org/mailman/listinfo/perpass
_______________________________________________ perpass mailing
list [email protected]
https://www.ietf.org/mailman/listinfo/perpass
_______________________________________________ perpass mailing list
[email protected] https://www.ietf.org/mailman/listinfo/perpass
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
