Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-39: (with DISCUSS and COMMENT)

Brian E Carpenter <> Tue, 31 March 2020 03:19 UTC

To: Michael Richardson <>, Benjamin Kaduk <>
Cc:,, The IESG <>,,
References: <> <4603.1585620652@localhost>
From: Brian E Carpenter <>
Organization: University of Auckland
Message-ID: <>
Date: Tue, 31 Mar 2020 16:19:35 +1300

I'm confused about something. It's my understanding that "Proposed Standard" means that a specification is generally stable, has resolved known design choices, is believed to be well-understood, has received significant community review, and appears to enjoy enough community interest to be considered valuable. However, further experience might result in a change or even retraction of the specification before it advances.

I'm rather baffled as to why BRSKI -39 doesn't meet that standard. It's not as if the authors are claiming that at least two independent and interoperable implementations from different code bases have been developed, for which sufficient successful operational experience has been obtained. If we are asking for Draft Standard status, we wouldn't be ready. But we're not; we're asking for Proposed Standard and it seems to me that the draft has met that standard since at least version -32 when the review team comments had been handled.

I'm not a security expert but I do believe that perfection is the enemy of the good.

   Brian Carpenter

On 31-Mar-20 15:10, Michael Richardson wrote:
> Benjamin Kaduk via Datatracker <> wrote:
>     > Unfortunately, it seems that the "pinned-domain-cert" in the issued voucher
>     > is the registrar's cert, not the CA cert.  (Given that the documented
>     > workflow is
> That's entirely correct.
> The thing in the voucher validates the TLS connection that the pledge sees.