Re: [Ace] Mirja Kühlewind's No Objection on draft-ietf-ace-cwt-proof-of-possession-09: (with COMMENT)

Mike Jones <Michael.Jones@microsoft.com> Thu, 31 October 2019 00:14 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: Barry Leiba <barryleiba@computer.org>, Mirja Kuehlewind <ietf@kuehlewind.net>
CC: Benjamin Kaduk <kaduk@mit.edu>, "Roman D. Danyliw" <rdd@cert.org>, "ace-chairs@ietf.org" <ace-chairs@ietf.org>, The IESG <iesg@ietf.org>, "ace@ietf.org" <ace@ietf.org>, "draft-ietf-ace-cwt-proof-of-possession@ietf.org" <draft-ietf-ace-cwt-proof-of-possession@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/431C3pF4ZSJmYYIZY1mH9ckpzwU>

I'm in the process of creating -10, which addresses the IESG comments other than Mirja's.  I'm reluctant to change the registration instructions, as they are currently identical to those for CWTs (and many other specifications going back to at least RFC 6749, modulo the name of the mailing list).  That said, if the IESG *really* wants to change the party to appeal to in the case of non-action from the Designated Experts from the IESG to IANA, I'm amenable to also making that change tomorrow, immediately following the telechat, so we can send the spec on to the RFC Editor.  Let me know what you decide.

				Thanks again,
				-- Mike

-----Original Message-----
From: Barry Leiba <barryleiba@computer.org> 
Sent: Monday, October 28, 2019 2:00 PM
To: Mike Jones <Michael.Jones@microsoft.com>
Cc: Mirja Kuehlewind <ietf@kuehlewind.net>; Benjamin Kaduk <kaduk@mit.edu>; Roman D. Danyliw <rdd@cert.org>; ace-chairs@ietf.org; The IESG <iesg@ietf.org>; ace@ietf.org; draft-ietf-ace-cwt-proof-of-possession@ietf.org
Subject: Re: [Ace] Mirja Kühlewind's No Objection on draft-ietf-ace-cwt-proof-of-possession-09: (with COMMENT)

The issue isn't using a mailing list.  The issue is the instructions to IANA about how to do management and tracking, stuff that they do just fine without working groups trying -- with all good intentions -- to tell them how.

The fact that there are a lot of RFCs that do it just says that working groups do this frequently, and most ADs don't notice or don't care.  And the reality is that IANA will manage the registration process how they do it, accommodating reasonable special instructions when they can.  The point is that documents shouldn't be giving special instructions unless there really is something special needed for a particular reason.

Barry

On Mon, Oct 28, 2019 at 12:19 PM Mike Jones <Michael.Jones@microsoft.com> wrote:
>
> The practice of using a mailing list for registration requests to enable public visibility of them goes back at least to .well-known URI registrations https://tools.ietf.org/html/rfc5785 by Mark Nottingham in April 2010.  OAuth 2.0 followed this practice in RFC 6749, as did the JOSE specs and JWT in RFCs 7515-19.  The rest is history, as they say.
>
>                                 -- Mike
>
> -----Original Message-----
> From: Mirja Kuehlewind <ietf@kuehlewind.net>
> Sent: Monday, October 28, 2019 8:54 AM
> To: Benjamin Kaduk <kaduk@mit.edu>
> Cc: Barry Leiba <barryleiba@computer.org>; Roman D. Danyliw 
> <rdd@cert.org>; ace-chairs@ietf.org; The IESG <iesg@ietf.org>; 
> ace@ietf.org; draft-ietf-ace-cwt-proof-of-possession@ietf.org
> Subject: Re: [Ace] Mirja Kühlewind's No Objection on 
> draft-ietf-ace-cwt-proof-of-possession-09: (with COMMENT)
>
> These are all quite recent examples, so maybe the procedures are changing at the moment. I guess we as the IESG should be aware and figure out what the right procedure actually should be here.
>
> > On 28. Oct 2019, at 16:31, Benjamin Kaduk <kaduk@mit.edu> wrote:
> >
> > On Fri, Oct 25, 2019 at 12:31:42PM -0400, Barry Leiba wrote:
> >> Yeh, it's very common for authors to try to tell IANA how to handle 
> >> registrations, and I often push back on that as inappropriate.  
> >> There are certainly special conditions that IANA should be told 
> >> about, but this is standard work-flow management stuff that ought 
> >> to be left to IANA.  I do think it should be changed before this is 
> >> published, probably just removing that last sentence.
> >
> > While I'm not opposed to normalizing on a default procedure, I think 
> > the authors were just trying to follow existing examples.
> >
> > RFC 7519:
> >
> >   Values are registered on a Specification Required [RFC5226] basis
> >   after a three-week review period on the jwt-reg-review@ietf.org
> >   mailing list, on the advice of one or more Designated Experts.
> >   However, to allow for the allocation of values prior to publication,
> >   the Designated Experts may approve registration once they are
> >   satisfied that such a specification will be published.
> >
> >   Registration requests sent to the mailing list for review should use
> >   an appropriate subject (e.g., "Request to register claim: example").
> >
> >   Within the review period, the Designated Experts will either approve
> >   or deny the registration request, communicating this decision to the
> >   review list and IANA.  Denials should include an explanation and, if
> >   applicable, suggestions as to how to make the request successful.
> >   Registration requests that are undetermined for a period longer than
> >   21 days can be brought to the IESG's attention (using the
> >   iesg@ietf.org mailing list) for resolution.
> >
> > RFC 8414:
> >
> >   Values are registered on a Specification Required [RFC8126] basis
> >   after a two-week review period on the oauth-ext-review@ietf.org
> >   mailing list, on the advice of one or more Designated Experts.
> >   However, to allow for the allocation of values prior to publication,
> >   the Designated Experts may approve registration once they are
> >   satisfied that such a specification will be published.
> >
> >   Registration requests sent to the mailing list for review should use
> >   an appropriate subject (e.g., "Request to register OAuth
> >   Authorization Server Metadata: example").
> >
> >   Within the review period, the Designated Experts will either approve
> >   or deny the registration request, communicating this decision to the
> >   review list and IANA.  Denials should include an explanation and, if
> >   applicable, suggestions as to how to make the request successful.
> >   Registration requests that are undetermined for a period longer than
> >   21 days can be brought to the IESG's attention (using the
> >   iesg@ietf.org mailing list) for resolution.
> >
> > RFC 8447:
> >
> >   Specification Required [RFC8126] registry requests are registered
> >   after a three-week review period on the <tls-reg-review@ietf.org>
> >   mailing list, on the advice of one or more designated experts.
> >   However, to allow for the allocation of values prior to publication,
> >   the designated experts may approve registration once they are
> >   satisfied that such a specification will be published.
> >
> >   Registration requests sent to the mailing list for review SHOULD use
> >   an appropriate subject (e.g., "Request to register value in TLS bar
> >   registry").
> >
> >   Within the review period, the designated experts will either approve
> >   or deny the registration request, communicating this decision to the
> >   review list and IANA.  Denials SHOULD include an explanation and, if
> >   applicable, suggestions as to how to make the request successful.
> >   Registration requests that are undetermined for a period longer than
> >   21 days can be brought to the IESG's attention (using the
> >   <iesg@ietf.org> mailing list) for resolution.
> >
> > [I stopped looking here]
> >
> > So if we're going to change things around, maybe we should issue an 
> > IESG statement.
> >
> > -Ben
> >
> >
>