Re: [Anima] Alissa Cooper's Discuss on draft-ietf-anima-bootstrapping-keyinfra-28: (with DISCUSS and COMMENT)

tom petch <daedulus@btconnect.com> Thu, 02 January 2020 12:29 UTC

To: Michael Richardson <mcr+ietf@sandelman.ca>
References: <157123777786.7830.10713306244839546046.idtracker@ietfa.amsl.com> <9637.1574756997@localhost> <2FA2728E-6484-4A69-992A-479D8053354E@cooperw.in> <20062.1576526178@localhost> <5DF90E0C.9020603@btconnect.com> <28309.1577821075@localhost> <5E0BBC17.5070709@btconnect.com> <30513.1577829694@localhost>
Cc: Alissa Cooper <alissa@cooperw.in>, IESG <iesg@ietf.org>, draft-ietf-anima-bootstrapping-keyinfra@ietf.org, tte+ietf@cs.fau.de, anima@ietf.org, anima-chairs@ietf.org
From: tom petch <daedulus@btconnect.com>
Message-ID: <5E0DE216.3020201@btconnect.com>
Date: Thu, 2 Jan 2020 12:29:10 +0000
In-Reply-To: <30513.1577829694@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/FFUkEEbOjWNGDZ2BLWD1VcpQs2s>
Subject: Re: [Anima] Alissa Cooper's Discuss on draft-ietf-anima-bootstrapping-keyinfra-28: (with DISCUSS and COMMENT)
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>

On 31/12/2019 22:01, Michael Richardson wrote:
>
> tom petch <daedulus@btconnect.com> wrote:
>      > Security Considerations, the YANG Guidelines RFC says that you must mention
>      > TLS, HTTPS, etc and give pro forma text for doing so.  As long as you still
>      > have a YANG module, as you do in s.3.4, I would expect those guidelines to
>      > apply and so to see something like the pro forma text
>
> Please see:
>         https://www.rfc-editor.org/rfc/rfc8366.html#section-7.4
>
> TLS is already specified and discussed at length in the document.
> If you want me to copy the second paragraph from there in, I can do that, but
> it seems like needless text.  You can't implement BRSKI without reading
> RFC8366.

Looking at -32:

Security; OK, leave it be.

IANA yes, that is (almost) what I wanted - I suggest that the title of 
8.2 should be 'YANG Module Names Registry'.

References still trouble me.

The YANG module has
reference "RFC xxxx Voucher Profile for Bootstrapping Protocols"

I cannot find an I-D of that name - it is not the name of this I-D; do 
you mean "Bootstrapping Remote Secure Key Infrastructure" which is the 
current title of this I-D and which I think would not appear to 
be the same reference to a layman?

Also on References, in -31 you had X.690 as a Normative Reference which 
I thought spot on - now you have removed the reference which I think 
wrong.  YANG 'leaf proximity-registrar-cert' mentions X.690 so I think that
a) you need a YANG reference clause for the leaf
b) you need an XML/HTML reference in the body of the I-D so as to avoid 
an unused ref error - 'The YANG module makes reference to [X.690]' {or 
[ITU.X690.1994]} is the way most authors address this
c) you need that reference restored to Normative References

Tom Petch

> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
>   -= IPv6 IoT consulting =-
>
>
>