Re: [Anima] Alissa Cooper's Discuss on draft-ietf-anima-bootstrapping-keyinfra-28: (with DISCUSS and COMMENT)
Michael Richardson <mcr+ietf@sandelman.ca> Tue, 31 December 2019 19:37 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9EB1A120047; Tue, 31 Dec 2019 11:37:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R5aq0dW3jIoq; Tue, 31 Dec 2019 11:37:57 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 42C31120026; Tue, 31 Dec 2019 11:37:57 -0800 (PST)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id 3C29138981; Tue, 31 Dec 2019 14:37:41 -0500 (EST)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id A62C83FE; Tue, 31 Dec 2019 14:37:55 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: tom petch <daedulus@btconnect.com>
cc: Alissa Cooper <alissa@cooperw.in>, IESG <iesg@ietf.org>, draft-ietf-anima-bootstrapping-keyinfra@ietf.org, tte+ietf@cs.fau.de, anima@ietf.org, anima-chairs@ietf.org
In-Reply-To: <5DF90E0C.9020603@btconnect.com>
References: <157123777786.7830.10713306244839546046.idtracker@ietfa.amsl.com> <9637.1574756997@localhost> <2FA2728E-6484-4A69-992A-479D8053354E@cooperw.in> <20062.1576526178@localhost> <5DF90E0C.9020603@btconnect.com>
X-Mailer: MH-E 8.6; nmh 1.7+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
X-Attribution: mcr
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="==-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Date: Tue, 31 Dec 2019 14:37:55 -0500
Message-ID: <28309.1577821075@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/uWgMtFyvfhg-pysBwj9OSQEsGXE>
Subject: Re: [Anima] Alissa Cooper's Discuss on draft-ietf-anima-bootstrapping-keyinfra-28: (with DISCUSS and COMMENT)
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Dec 2019 19:38:00 -0000
A diff against -31 is at: https://tinyurl.com/vuls2ge and will grow to include my responses to Ben's 2019-12-20 comments later today. tom petch <daedulus@btconnect.com> wrote: > Yes you have removed the second YANG module which addresses my comments > about the second YANG module but my other comments mostly remain. > Those about the YANG prefix are fixed. > RFC8040 needs to be in the I-D References > IANA Considerations mentions the removed module but lacks the two > required actions for the remaining module I understand now. I wonder if idnits could be taught to find such issues :-) Please see commit: https://github.com/anima-wg/anima-bootstrap/commit/75d7ef8a78b2c03cd2e558705861194357f1e643 > XXXX is used as a place holder for a document name which is not that of > this I-D and does not exist AFAICT Do you mean the self-reference should say "XXXX"? I have used "THIS DOCUMENT" in the past. > The YANG module must be plain text - [RFC8446] looks like HTML/XML I'm confused by this comment. I see: > Michael, my initial posts were a response to the Genart review and so > did not include your name, just Anima, Anima chairs, ibagdona, IETF; > you are in this one as mcr+ietf@sandelman.ca (but IETF mailers may have > a habit of thinking you will get an e-mail via one way and suppress > other ways with different e-mail addresses). Yes, I wasn't complaining about your actions, but more just lamenting: my impression is that the problem is that DMARC is getting in the way, since the DT acts as a remailer. However, btconnect.com has a p=none policy, so it shouldn't be a problem... however, maybe it fails the SPF tests themselves. {I was forced to switch spam processing systems in the spring, and it really has been a PITA to get it configured sensibly. Very few of them support IPv6, and a surprising number of them will not use TLS for final delivery. I specifically need to whitelist everything coming from the IETF SMTP machine, and I don't think I've accomplished that perfectly yet.} leaf proximity-registrar-cert { type binary; description "An X.509 v3 certificate structure as specified by RFC 5280, Section 4 encoded using the ASN.1 distinguished encoding rules (DER), as specified in ITU-T X.690. The first certificate in the Registrar TLS server certificate_list sequence (the end-entity TLS certificate, see [RFC8446]) presented by the Registrar to the Pledge. This MUST be populated in a Pledge's voucher request when a proximity assertion is requested."; } I'm not sure I see how you are seeing HTML here. If you are looking at: https://tools.ietf.org/html/draft-ietf-anima-bootstrapping-keyinfra-31#section-3.4 then the links you are saying are because the HTMLizer sees the reference and HTMLizes it. > Security Considerations lacks the required boiler plate for a YANG > module I see. I have adapted the text from RFC8366, as we extend it, and the normal template does not apply. Fixed in commit: https://github.com/anima-wg/anima-bootstrap/commit/c138bbd24db038f0704770b545e74ba202a98e4e > Appendix A still has a typo secification -> specification. plege->Pledge.
-- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | IoT architect [ ] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
- [Anima] Alissa Cooper's Discuss on draft-ietf-ani… Alissa Cooper via Datatracker
- Re: [Anima] Alissa Cooper's Discuss on draft-ietf… Michael Richardson
- Re: [Anima] Alissa Cooper's Discuss on draft-ietf… Michael Richardson
- Re: [Anima] Alissa Cooper's Discuss on draft-ietf… Alissa Cooper
- Re: [Anima] Alissa Cooper's Discuss on draft-ietf… Michael Richardson
- Re: [Anima] Alissa Cooper's Discuss on draft-ietf… Alissa Cooper
- Re: [Anima] Alissa Cooper's Discuss on draft-ietf… Brian E Carpenter
- Re: [Anima] Alissa Cooper's Discuss on draft-ietf… tom petch
- Re: [Anima] Alissa Cooper's Discuss on draft-ietf… Michael Richardson
- Re: [Anima] Alissa Cooper's Discuss on draft-ietf… tom petch
- Re: [Anima] Alissa Cooper's Discuss on draft-ietf… Michael Richardson
- Re: [Anima] Alissa Cooper's Discuss on draft-ietf… tom petch
- Re: [Anima] Alissa Cooper's Discuss on draft-ietf… Michael Richardson
- Re: [Anima] Alissa Cooper's Discuss on draft-ietf… tom petch
- Re: [Anima] Alissa Cooper's Discuss on draft-ietf… Michael Richardson
- [Anima] draft-ietf-anima-bootstrapping-keyinfra tom petch
- Re: [Anima] draft-ietf-anima-bootstrapping-keyinf… Eliot Lear