Re: [Anima] Alissa Cooper's Discuss on draft-ietf-anima-bootstrapping-keyinfra-28: (with DISCUSS and COMMENT)

tom petch <> Tue, 17 December 2019 17:19 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id BB783120BF7; Tue, 17 Dec 2019 09:19:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id MTOqHc4AN8TJ; Tue, 17 Dec 2019 09:19:19 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 04A84120BCC; Tue, 17 Dec 2019 09:19:16 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901;; cv=none; b=EJLAW+T3N1R9BXXQy5vw13HWd7N8sqNILiQu71KtXgSQPLgYJS1mKn6N2C5wOfRhdIkZvSssMary8hRZ4gL+EBnksYxfJPwUQ8mDznSos2+LWZqiokPKbBLS5VyEfoL2Dn9BrpexSdn24xl7MOZ6eyChG49KnwV+bno7xbhbpm9/EwSXPzZHLM3OtO2Wrd894lfdyr8juqtAxTSUV9QdQNNhjkUIk7eYcaGi3XvUtWjUVuxtoxXOD1AzzfFKgj/Hl3YTREfOP6qZzRThqVYOvtpo1G0U9wdz4c7iqKysqeve8/zG/UFYvpKhki2X6tqA3aY9AFBrY7BGXUorUfp/QQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=EYg/fczKU9OIlHZ6CSX1nagNfPmr/iJ8g0GdKJuLuqc=; b=FuwdB9XNFBmY1QpnaSiUsXVVfNmGSYGf93w32lQo03jE53G7MeGhv8KNLwQQFKEOkFw3tigfnjrEwaFP+7BXgFxpmQPMlIcxRHSKzhpc6Pt8PICM1UAtT8S3M+amISuZjnd2jbWC0XTDuXrqGDPyIi3uJWODAzGnk4XZzCuuGJUoL+AjRJBZLHJWBpvwwXrwdZvIGMhfARLpEQoArr/9ktdmX7Ae/IA4/KsMef3Lhhme3PtCk77QjusvaPd5RfhzQuQKwl6CUqj02AysKLNoGqGJHR/3/M2TeCIugMFU0hpjdT9D+GsRfcM/OTbzisKBryIn6benmSrjLaRZkhiTBQ==
ARC-Authentication-Results: i=1; 1; spf=pass; dmarc=pass action=none; dkim=pass; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector2-btconnect-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=EYg/fczKU9OIlHZ6CSX1nagNfPmr/iJ8g0GdKJuLuqc=; b=MojIwescn3PPErd04Lt5p/894hhVCFp82MhHRG0kPw0ZtSQsB7scYGq0Vb9Pqz0J1onOk3rn5geXBZxkBWqjdnMTRUpVEO/FAQT34TOzjuWKgokv8SP8rH6oedyZnkPN+VX38oHU0Tbx18HtXVKw0lKiBdp4k02HcucVXWYbyzA=
Authentication-Results: spf=none (sender IP is );
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2559.12; Tue, 17 Dec 2019 17:19:14 +0000
Received: from ([fe80::4156:4119:dd89:95f7]) by ([fe80::4156:4119:dd89:95f7%5]) with mapi id 15.20.2559.012; Tue, 17 Dec 2019 17:19:14 +0000
To: Michael Richardson <>, Alissa Cooper <>
References: <> <9637.1574756997@localhost> <> <20062.1576526178@localhost>
Cc: IESG <>,,,,
From: tom petch <>
Message-ID: <>
Date: Tue, 17 Dec 2019 17:19:08 +0000
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:38.0) Gecko/20100101 Thunderbird/38.5.0
In-Reply-To: <20062.1576526178@localhost>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
X-ClientProxiedBy: LO2P265CA0239.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:b::35) To (2603:10a6:208:11e::24)
MIME-Version: 1.0
Received: from [] ( by LO2P265CA0239.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:b::35) with Microsoft SMTP Server (version=TLS1_2, cipher=) via Frontend Transport; Tue, 17 Dec 2019 17:19:13 +0000
X-Originating-IP: []
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: e5ca35c1-6121-4574-1506-08d783153d54
X-MS-TrafficTypeDiagnostic: AM0PR07MB4979:
X-Microsoft-Antispam-PRVS: <>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
X-Forefront-PRVS: 02543CD7CD
X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(396003)(39860400002)(136003)(366004)(376002)(346002)(189003)(199004)(51444003)(5660300002)(52116002)(8936002)(2616005)(66946007)(956004)(81166006)(66476007)(2906002)(81156014)(478600001)(6666004)(36756003)(110136005)(6486002)(86362001)(4326008)(16576012)(8676002)(53546011)(26005)(66556008)(87266011)(33656002)(316002)(16526019)(186003); DIR:OUT; SFP:1102; SCL:1; SRVR:AM0PR07MB4979;; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:0;
Received-SPF: None ( does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: CI2B29Ex9N14lzGmDM5nRGBLkZBe2UYXv2jlDjBU5ltrvEqjLSf+W7SIu01xfUa3Vi8pWu1HQ1uAVn/CdVIkyi0OTxxsahqL75raOp7BOt5Bff5hCBSKfvf6pqeTMHQPFIjlN1AV+SSbNoY+xjjR4U12G8OjwXnp6aOA+p4IITrjY2NeoBJcKkKD8RzrIVLvlz7HaSa2286n0zSBswWedWHFycAtHRvVC1Nif/gfBOIhpG6TBDTr1AnceFTWWGNYG2mE6kzFTB/6BSQ+yypaUBcjPC+iuOLp85mrEFBQt2pRyAOntvs0wmt4mfCQ2SeYvZrd0cgg9S1Jo2YSOonHKa7tyFdwbu9GnjI0p0ABkX5UEwxhGlaeeapcN1NPWTOaBa4X2k9nQ7rP5iinRxXWGKpAIskbn/p6oRoX66kj3cFXS/sPwcEtS+i8dxMVVYta2ms9cnZojovn17Sbbuqu16BKCgA3w7nshc9CQN1h16O8ST3VEyQqjpCZyQ+ziCLW
X-MS-Exchange-CrossTenant-Network-Message-Id: e5ca35c1-6121-4574-1506-08d783153d54
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Dec 2019 17:19:14.4735 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: cf8853ed-96e5-465b-9185-806bfe185e30
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: OLHOWmf0f6+GofNwQXD87tcdq/o2dIWfw7RjuadawVF8xpdp8AL0pGx52luoVBSGE8GbEYBpTRjh5hEjdsoD1A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR07MB4979
Archived-At: <>
Subject: Re: [Anima] Alissa Cooper's Discuss on draft-ietf-anima-bootstrapping-keyinfra-28: (with DISCUSS and COMMENT)
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 17 Dec 2019 17:19:24 -0000

Michael,  my initial posts were a response to the Genart review and so 
did not include your name, just Anima, Anima chairs, ibagdona, IETF; you 
are in this one as (but IETF mailers may have a 
habit of thinking you will get an e-mail via one way and suppress other 
ways with different e-mail addresses).

Yes you have removed the second YANG module which addresses my comments 
about the second YANG module but my other comments mostly remain.  Those 
about the YANG prefix are fixed.

RFC8040  needs to be in the I-D References

IANA Considerations mentions the removed module but lacks the two 
required actions for the remaining module

XXXX is used as a place holder for a document name which is not that of 
this I-D and does not exist AFAICT

The YANG module must be plain text - [RFC8446] looks like HTML/XML

Security Considerations lacks the required boiler plate for a YANG module

Appendix A still has a typo

Tom Petch

On 16/12/2019 19:56, Michael Richardson wrote:
> {Hi Tom, I don't quite understand, but I don't seem to get emails directly
>  From you.  Or perhaps it has to do with it being posted through the
> datatracker.  This is not the first review I have missed in this way.}
> We had forgotten about the content of Appendix C, which is not normative.
> It stems from an era when we were not sure how successful RFC8520 will be.
> I have issued version -31 in which we remove Appendix C rather than fix it.
> This extension could be added correctly at a later date, and at this point,
> we don't see the MUD FILE->MASA URL flow as particularly important.
> Both URLs can be in the IDevID if needed, at the cost of bytes in the IDevID
> certificate.
> I think that there are operational problems with embedding the MUD URL in the
> IDevID relating to firmware upgrades, nor is that related to this appendix.
> It is not a BRSKI issue, but it does mean that the likelyhood of a MUD URL
> being the only extension that can be afforded an IDevID is significantly less
> likely.
> --
> Michael Richardson <>, Sandelman Software Works
>   -= IPv6 IoT consulting =-