These minutes were taken by Michael Boe <mboe@cisco.com>
The purpose of the meeting as described in the agenda was discussed by the chair, Jeffrey Altman. The floor was then opened to comments and questions:
. Comment: The WG Chair should not be the author of I-Ds in the WG.
. Question: Why Telnet? Why not just use SSH?
Answer: Telnet has a large installed base that needs to be secured.
. Question: Wouldn't SSH servers be more secure?
Answer/Debate: Policy of server is independent of underlying SSH/TELNET technologies.
. Observation: It is easier psychologically to upgrade telnet than to toss it out.
. Central Q of Debate: Is securing each existing telnet implementation more desireable than encouraging shift to more modern (ssh) systems?
. Question: Would current Telnet developers implement new security standards if they were adopted?
Answer: if not, it would probably result in the old insecure implementations being removed from the products.
Observation from Security AD: In other words, if the IESG were to approve new standards the world becomes more secure whether or not they are implemented by vendors
. Question: what's the load/packet ratio for SSH and TLS-Telnet?
Answer: somewhere around 1/20 or 1/30 for each is the ballpark.
A raise of hands indicated consensus for the creation of the Telnet Security (TELSEC) Working Group in the Security Area. 13 in favor; 2 opposed.
None received.