
From tyl@ssh.com  Wed Apr 10 01:49:27 2013
Return-Path: <tyl@ssh.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C6A4621F891D for <saag@ietfa.amsl.com>; Wed, 10 Apr 2013 01:49:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.796
X-Spam-Level: **
X-Spam-Status: No, score=2.796 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, RCVD_IN_SORBS_WEB=0.619, RDNS_DYNAMIC=0.1, SARE_MILLIONSOF=0.315]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 45N2NVIBIprB for <saag@ietfa.amsl.com>; Wed, 10 Apr 2013 01:49:27 -0700 (PDT)
Received: from ip-194-137-52-209.ssh.com (ip-194-137-52-209.ssh.com [194.137.52.209]) by ietfa.amsl.com (Postfix) with ESMTP id 3E08721F888C for <saag@ietf.org>; Wed, 10 Apr 2013 01:49:27 -0700 (PDT)
Received: from [192.168.43.158] (ma92836d0.tmodns.net [208.54.40.169]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by allman.clausal.com (Postfix) with ESMTPSA id 8A42A780171 for <saag@ietf.org>; Sat,  6 Apr 2013 16:55:05 +0300 (EEST)
From: Tatu Ylonen <tyl@ssh.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Date: Sat, 6 Apr 2013 16:45:12 +0300
Message-Id: <C9EF51A9-241D-4C7F-A428-A1AA03C18DC0@ssh.com>
To: saag@ietf.org
Mime-Version: 1.0 (Apple Message framework v1283)
X-Mailer: Apple Mail (2.1283)
X-Mailman-Approved-At: Wed, 10 Apr 2013 08:02:48 -0700
Subject: [saag] SSH user key management - new draft and mailing list
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Apr 2013 08:49:27 -0000

A new draft "SSH Key Management for Automated Access - Current
Recommended Practice" is now available at
https://tools.ietf.org/html/draft-ylonen-sshkeybcp-01

The draft is relevant for anyone interested in SSH user key management
and more generally identity and access management.  We have found
hundreds of thousands to millions of SSH authorized keys from the IT
environments of many large enterprises (many times more than they have
interactive users), and bringing key-based access under control is very
important.  The draft outlines the risks with unmanaged key-based access
and presents a process for remediating the situation in an existing
environment and implanting an ongoing process for monitoring and
managing key-based access (and other automated passwordless access).

I am hoping the draft will evolve into a BCP (Best Current Practice)
standard on managing SSH user keys in organizations.  The draft is
mostly about process and policy, not technical protocols, as SSH user
key management is really an identity and access management issue and the
related problems largely policy, process, and auditing issues related to
controlling access to information systems in an organization, especially
with regards to automated machine-to-machine access.

A mailing list sshmgmt@ietf.org has been created for discussion about
the draft (and other issues related to managing SSH).  Please send
comments on the draft to the list.  To subscribe (or unsubscribe), go
to: https://www.ietf.org/mailman/listinfo/sshmgmt

Regards,

Tatu Ylonen


From magnus.westerlund@ericsson.com  Thu Apr 18 06:37:57 2013
Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D306B21F8EEC for <saag@ietfa.amsl.com>; Thu, 18 Apr 2013 06:37:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.099
X-Spam-Level: 
X-Spam-Status: No, score=-106.099 tagged_above=-999 required=5 tests=[AWL=0.150, BAYES_00=-2.599, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dLcQlgD5cnDK for <saag@ietfa.amsl.com>; Thu, 18 Apr 2013 06:37:57 -0700 (PDT)
Received: from mailgw1.ericsson.se (mailgw1.ericsson.se [193.180.251.45]) by ietfa.amsl.com (Postfix) with ESMTP id 1829F21F8EEA for <saag@ietf.org>; Thu, 18 Apr 2013 06:37:56 -0700 (PDT)
X-AuditID: c1b4fb2d-b7f316d0000028db-f8-516ff73303aa
Received: from esessmw0256.eemea.ericsson.se (Unknown_Domain [153.88.253.125]) by mailgw1.ericsson.se (Symantec Mail Security) with SMTP id 1B.6F.10459.337FF615; Thu, 18 Apr 2013 15:37:56 +0200 (CEST)
Received: from [127.0.0.1] (153.88.115.8) by esessmw0256.eemea.ericsson.se (153.88.115.97) with Microsoft SMTP Server id 8.3.279.1; Thu, 18 Apr 2013 15:37:55 +0200
Message-ID: <516FF732.3050803@ericsson.com>
Date: Thu, 18 Apr 2013 15:37:54 +0200
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20130328 Thunderbird/17.0.5
MIME-Version: 1.0
To: saag@ietf.org
X-Enigmail-Version: 1.5.1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: [saag] Requesting review of AES-GCM and AES-CCM Authenticated Encryption in Secure RTP (SRTP)
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Apr 2013 13:37:57 -0000

Hi,

The AVTCORE WG has developed this application of AES-GCM and AES-CCM as
cipher suite for SRTP. I would really appreciate it if some more security
knowledgeable people would take a look at it before we request publication. If
they have any understanding of SRTP it would be a big plus.

https://datatracker.ietf.org/doc/draft-ietf-avtcore-srtp-aes-gcm/

Thanks

Magnus Westerlund
AVTCORE WG chair



From stephen.farrell@cs.tcd.ie  Tue Apr 23 13:33:52 2013
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 688CB21F969A for <saag@ietfa.amsl.com>; Tue, 23 Apr 2013 13:33:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.6
X-Spam-Level: 
X-Spam-Status: No, score=-102.6 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8+pyd8hvs3ZV for <saag@ietfa.amsl.com>; Tue, 23 Apr 2013 13:33:51 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id 2996421F9696 for <saag@ietf.org>; Tue, 23 Apr 2013 13:33:51 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 13182BEC9 for <saag@ietf.org>; Tue, 23 Apr 2013 21:33:29 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GR5+m8pnWZLw for <saag@ietf.org>; Tue, 23 Apr 2013 21:33:28 +0100 (IST)
Received: from [10.87.48.4] (unknown [86.41.5.126]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id DCEADBEC3 for <saag@ietf.org>; Tue, 23 Apr 2013 21:33:24 +0100 (IST)
Message-ID: <5176F009.6010602@cs.tcd.ie>
Date: Tue, 23 Apr 2013 21:33:13 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130329 Thunderbird/17.0.5
MIME-Version: 1.0
To: "saag@ietf.org" <saag@ietf.org>
X-Enigmail-Version: 1.5.1
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
Subject: [saag] BoF dates for Berlin IETF
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Apr 2013 20:33:52 -0000

Hiya,

If someone is interested in a security related BoF in Berlin
you probably need to be talking to Sean or me real soon now.

The dates are:

• 2013-06-17 (Monday): Cutoff date for BOF proposal requests to Area
Directors at UTC 24:00. To request a BOF, please see instructions on
Requesting a BOF.
• 2013-06-20 (Thursday): Cutoff date for Area Directors to approve BOFs
at UTC 24:00.

Cheers,
S.

From hammondjohnson@hushmail.com  Sat Apr 27 15:49:00 2013
Return-Path: <hammondjohnson@hushmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA4D121F99B3 for <saag@ietfa.amsl.com>; Sat, 27 Apr 2013 15:49:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level: 
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CYmJxYGmVmxQ for <saag@ietfa.amsl.com>; Sat, 27 Apr 2013 15:49:00 -0700 (PDT)
Received: from smtp10.hushmail.com (smtp10a.hushmail.com [65.39.178.239]) by ietfa.amsl.com (Postfix) with ESMTP id C93F421F9994 for <saag@ietf.org>; Sat, 27 Apr 2013 15:48:57 -0700 (PDT)
Received: from smtp10.hushmail.com (smtp10a.hushmail.com [65.39.178.239]) by smtp10.hushmail.com (Postfix) with SMTP id F14BF1B5354 for <saag@ietf.org>; Sat, 27 Apr 2013 18:03:04 +0000 (UTC)
X-hush-relay-time: 220
X-hush-relay-id: b1bd903faba185ee07e5a0ed3a1fde37
Received: from smtp.hushmail.com (w5.hushmail.com [65.39.178.80]) by smtp10.hushmail.com (Postfix) with ESMTP for <saag@ietf.org>; Sat, 27 Apr 2013 18:03:04 +0000 (UTC)
Received: by smtp.hushmail.com (Postfix, from userid 99) id B1713E6736; Sat, 27 Apr 2013 18:03:04 +0000 (UTC)
MIME-Version: 1.0
Date: Sat, 27 Apr 2013 14:03:04 -0400
To: saag@ietf.org
From: hammondjohnson@hushmail.com
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20130427180304.B1713E6736@smtp.hushmail.com>
Subject: [saag] Biggest Fake Conference in Computer Science
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Apr 2013 22:49:01 -0000

We are researchers from different parts of the world and conducted a study on  
the world’s biggest bogus computer science conference WORLDCOMP 
( http://sites.google.com/site/worlddump1 ) organized by Prof. Hamid Arabnia 
from University of Georgia, USA.


We submitted a fake paper to WORLDCOMP 2011 and again (the same paper 
with a modified title) to WORLDCOMP 2012. This paper had numerous 
fundamental mistakes. Sample statements from that paper include: 

(1). Binary logic is fuzzy logic and vice versa
(2). Pascal developed fuzzy logic
(3). Object oriented languages do not exhibit any polymorphism or inheritance
(4). TCP and IP are synonyms and are part of OSI model 
(5). Distributed systems deal with only one computer
(6). Laptop is an example for a super computer
(7). Operating system is an example for computer hardware


Also, our paper did not express any conceptual meaning.  However, it 
was accepted both the times without any modifications (and without 
any reviews) and we were invited to submit the final paper and a 
payment of $500+ fee to present the paper. We decided to use the 
fee for better purposes than making Prof. Hamid Arabnia (Chairman 
of WORLDCOMP) rich. After that, we received few reminders from 
WORLDCOMP to pay the fee but we never responded. 


We MUST say that you should look at the above website if you have any thoughts 
to submit a paper to WORLDCOMP.  DBLP and other indexing agencies have stopped 
indexing WORLDCOMP’s proceedings since 2011 due to its fakeness. See 
http://www.informatik.uni-trier.de/~ley/db/conf/icai/index.html for one of the 
conferences of WORLDCOMP and notice that there is no listing after 2010. See Section 2 of
http://sites.google.com/site/dumpconf for comments from well-known researchers 
about WORLDCOMP. 


The status of your WORLDCOMP papers can be changed from scientific
to other (i.e., junk or non-technical) at any time. Better not to have a paper than 
having it in WORLDCOMP and spoil the resume and peace of mind forever!


Our study revealed that WORLDCOMP is a money making business, 
using University of Georgia mask, for Prof. Hamid Arabnia. He is throwing 
out a small chunk of that money (around 20 dollars per paper published 
in WORLDCOMP’s proceedings) to his puppet (Mr. Ashu Solo or A.M.G. Solo) 
who publicizes WORLDCOMP and also defends it at various forums, using 
fake/anonymous names. The puppet uses fake names and defames other conferences
to divert traffic to WORLDCOMP. He also makes anonymous phone calls and tries to 
threaten the critiques of WORLDCOMP (See Item 7 of Section 5 of above website). 
That is, the puppet does all his best to get a maximum number of papers published 
at WORLDCOMP to get more money into his (and Prof. Hamid Arabnia’s) pockets. 


Monte Carlo Resort (the venue of WORLDCOMP for more than 10 years, until 2012) has 
refused to provide the venue for WORLDCOMP’13 because of the fears of their image 
being tarnished due to WORLDCOMP’s fraudulent activities. That is why WORLDCOMP’13 
is taking place at a different resort. WORLDCOMP will not be held after 2013. 


The draft paper submission deadline is over but still there are no committee 
members, no reviewers, and there is no conference Chairman. The only contact 
details available on WORLDCOMP’s website is just an email address! 

Let us make a direct request to Prof. Hamid Arabnia: publish all reviews for 
all the papers (after blocking identifiable details) since 2000 conference. Reveal 
the names and affiliations of all the reviewers (for each year) and how many 
papers each reviewer had reviewed on average. We also request him to look at 
the Open Challenge (Section 6) at https://sites.google.com/site/moneycomp1 


Sorry for posting to multiple lists. Spreading the word is the only way to stop 
this bogus conference. Please forward this message to other mailing lists and people. 


We are shocked with Prof. Hamid Arabnia and his puppet’s activities 
http://worldcomp-fake-bogus.blogspot.com   Search Google using the 
keyword worldcomp fake for additional links.

